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(54) Abstract Title 

System for managing files, with alteration preventing/detecting function 


(57) By storing an authenticator created from a data file in 
a secure area 31 usually inaccessible to a user, the 
alteration of the data file can be detected. Furthermore, by 
designating the data fie as a main -file 33 and creating 
authenticators from various kinds of sub-files 34 related to 
the main-file, the size of the secure area where the 
authenticators are stored can be reduced. A computer 1 
and storage unit 2 have reciprocal authentication units 11, 
12. 
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SYSTEM FOR MANAGING FILES WITH 
ALTERATION PREVENTING/DETECTING FUNCTION 

5 

The present invention relates to a system for 
managing files having the functions of altering files 
and detecting the alteration of files, and more 
10 particularly to a file managing system for 
implementing the alteration prevention of files and 
detecting the alteration by storing authenticators 
indirectly created from files in an area inaccessible 
to the operator. 

15 

As the computerization of official documents such 
as tax-related slips, etc. is promoted, a demand for 
keeping computerized data as evidence, safely and for 

20 a long time, in the same way as data is preserved on 
paper, has been increasing. The computerized documents 
can be very easily processed and reused, and can 
easily be added to, deleted from, corrected or 
transferred via a network, etc. For this reason, the 

25 computerized data involves a risk of being altered by 
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a third party. 

To solve this problem the applicant has applied 
for Japanese patent application No. 9-88485 ("File 
system and program storage medium" dated April 7, 
5 1997), This is a file system in which illegal 
alteration by the low-level access of illegal users, 
or illegal and malicious alteration by authorized 
users can be detected by linking the file management 
module in the OS (operating system) with a storage 

10 medium (secure medium) where an area usually 
unaccessible to users (secure area) can be set and 
preserving authenticators for detecting the alteration 
of data files, the access logs of data files, etc. in 
the secure area relating the authenticators, the 

15 access logs, etc. to the data files. 

However, in the above-mentioned conventional 
example, since access to a secure area by users is 
usually protected by a file system, in a system 
without such a file system, the secure area can be 

20 easily accessed, and as a result, authenticators, 
access logs, etc. related to data files can often be 
altered freely. 

Although a necessary secure area differs in size, 
since the sizes of access logs, etc. expand 

25 dynamically, usually it is difficult to modify the 
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size of both a secure area and a normal area. 

Embodiments of the present invention 
5 provide a system for managing files having alteration 
preventing/detecting functions for preventing a secure 
area from being easily accessed and preventing the 
authenticator and access log, etc, related to a data 
file from being freely altered, by means of reciprocal 

10 authentication obtained between a file system and a 
storing unit such as, for example, a unit of firmware. 

Embodiments Q f the present invention 
provide a system for managing files having alteration 
preventing/detecting functions for dynamically 

15 modifying the size of both a secure area and a normal 
area by locating sub- files such as authenticators, 
access logs, etc. related to a data file being a main- 
file in the normal area, and locating only 
authenticators created from the sub- file in the secure 

20 area. 

A system for managing files having alteration 
preventing/detecting functions 

may comprise a reciprocal authentication unit, 
an access allowing key storage unit, a file access 
25 unit, a main-file storage unit, a main-file reading 
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unit, a sub-file storage unit, a sub-file reading 
unit, a system file storage unit, a system file 
reading unit, an authentication information creation 
unit, an authentication information comparison unit, 
an access allowing key group storage unit, an access 
allowing key identification unit and a secure area 

access unit. 

in the first aspect of the present invention the 
reciprocal authentication unit creates an access 
allowing key. The access allowing key storage unit 
stores the access allowing key. The file access unit 
sends out an access request together with the access 
allowing key. The access allowing key group storage 
unit stores all the access allowing keys. The access 
allowing identification unit identifies if the access 
allowing key stored in the access allowing key storage 
unit and at least one access allowing key stored in 
the access allowing key group storage unit, are the 
same. The secure area access unit accesses a secure 
20 area normally unaccessible. 

in the second aspect of the present invention the 
sub-file storage unit stores files. The authentication 
information creation unit creates sub-file 
authentication information used to verify the sub- 
25 files. The system file storage unit stores the sub- 


15 
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file authentication information relating the 
information to the main-file as a system file. 

In the third aspect of the present invention the 
main-file storage unit stores a main-file. The 
5 authentication information creation unit creates main- 
file authentication information to be used to verify 
the main- file. The sub-file storage unit stores the 
main- file authentication information relating the 
information to the main- file as one of sub-files. 

10 In the fourth aspect of the present invention the 

main-file storage unit stores a main-file. The 
authentication creation unit creates main- file 
authentication Information to be used to verify the 
main-file. The sub-file storage unit stores the main- 

15 file authentication information relating the 
information to the main-file as one of sub-files. The 
sub-file storage unit stores one or a plurality of 
sub-files related to a main-file. The authentication 
information creation unit creates sub-file 

20 authentication information to be used to verify the 
sub-file. The system file storage unit stores the sub- 
file authentication information relating the 
information to the sub-file as a system file. 

In the fifth aspect of the present invention the 

25 sub-file reading unit reads sub-files. The 
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authentication information creation unit creates sub- 
file authentication information from sub-files read 
from the sub- file reading unit- The system file 
reading unit reads sub-file authentication information 
5 from a system file related to the sub-file. The 
authentication information comparison unit compares 
the sub-file authentication information created by the 
authentication information creation unit with the sub- 
file authentication information read by the system 

10 file reading unit. 

In the sixth aspect of the present invention the 
main-file reading unit reads a main-file. The 
authentication information creation unit creates main- 
file authentication information from a main-file read 

15 from the main-file reading unit. The sub-file reading 
unit reads main- file authentication information from 
sub-files related to the main-file. The authentication 
information comparison unit compares the main- file 
authentication information created by the 

20 authentication information creation unit with the 
main-file authentication information read by the sub- 
file reading unit. 

In the seventh aspect of the present invention 
the main-file reading unit reads a main-file. The sub- 

25 file reading unit reads one or a plurality of sub- 


BNSDOC1D: <G8__2331361A_L> 


files related to the main-file and the main- file 
authentication information from sub- files related to 
the main-file. The system file reading unit reads sub- 
file authentication information from a system file 
related to the sub-file- The authentication 
information creation unit creates main- file 
authentication information from a main-file read by 
the main-file reading unit, and creates sub- file 
authentication information from sub- files read by the 
sub-file reading unit. The authentication information 
comparison unit compares the main- file authentication 
information created by the authentication information 
creation unit with the main-file authentication 
information read by the sub- file reading unit, and 
compares the sub-file authentication information 
created by the authentication information creation 
unit with the sub- file authentication information read 
by the system file reading unit. 

The present invention will be more apparent from 
the following detailed description in conjunction with 
the accompanying drawings, in which: 

Fig.l shows an entire configuration of a file 
management system having alteration 


a 

preventing/detecting functions of the present 
invention* 

Fig. 2 explains a file composition of the present 
invention. 

5 Fig. 3 explains a calculation method of a message 

authentication code (MAC ) process. 

Fig. 4 shows a configuration of a file management 
system having alteration preventing/detecting 
functions of the first embodiment of this invention. 
10 Fig. 5 is a flowchart showing an operation of the 

first embodiment of this invention. 

Fig. 6 shows a configuration of a file management 
system having alteration preventing/detecting 
functions of the second embodiment of this invention. 
15 Fig. 7 is a flowchart showing an operation of the 

second embodiment of this invention. 

Fig. 8 shows a configuration of a file management 
system having alteration preventing/detecting 
functions of the third embodiment of this invention. 
20 Fig. 9 is a flowchart showing an operation of the 

third embodiment of this invention. 

Fig. 10 shows a configuration of a file management 
system having alteration preventing/detecting 
functions of the fourth embodiment of this invention. 
25 Fig. 11 is a flowchart showing an operation of 
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the fourth embodiment of this invention. 

Fig. 12 shows a configuration of a file 
management system having alteration 
preventing/detecting functions of the fifth embodiment 
5 of this invention. 

Fig. 13 is a flowchart showing an operation of 
the fifth embodiment of this invention. 

Fig. 14 shows a configuration of a file management 
system having alteration preventing/detecting 
10 functions of the sixth embodiment of this invention. 

Fig. 15 shows a configuration of a file management 
system having alteration preventing/detecting 
functions of the seventh embodiment of this invention. 
Fig. 16 shows a configuration of a file management 
15 system having alteration preventing/detecting 
functions of the eighth embodiment of this invention. 

Fig. 17 is a flowchart showing an operation of 
the eighth embodiment of this invention. 

Fig. 18 shows a configuration of a file management 
20 system having alteration preventing/detecting 
functions of the ninth embodiment of this invention. 

Fig. 19 is a flowchart showing an operation of 
the ninth embodiment of this invention. 

Fig. 20 shows a configuration of a file management 
25 system having alteration preventing/detecting 
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functions of the tenth embodiment of this invention. 

Fig .21 is a flowchart showing an operation of 
the tenth embodiment of this invention. 

Fig. 22 shows a configuration of a file management 
5 system having alteration preventing/detecting 
functions of the eleventh embodiment of this 
invention. 

Fig. 23 is a flowchart showing an operation of 
the eleventh embodiment of this invention. 
!0 Fig. 24 shows a configuration of a file management 

system having alteration preventing/detecting 
functions of the twelfth embodiment of this invention. 

Fig. 25 shows a configuration of a file management 
system having alteration preventing/detecting 
15 functions of the thirteenth embodiment of this 
invention. 

Fig. 26 shows a configuration of a file management 
system having alteration preventing/detecting 
functions of the fourteenth embodiment of this 
20 invention. 

Fig. 27 is a flowchart showing an operation of 
the fourteenth embodiment of this invention. 

Fig. 28 shows a configuration of a file management 
system having alteration preventing/detecting 
25 functions of the fifteenth embodiment of this 
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invention . 

Fig. 29 is a flowchart showing an operation of 
the fifteenth embodiment of this invention. 

Fig. 30 shows a configuration of a file management 
5 system having alteration preventing/detecting 
functions of the sixteenth embodiment of this 
invention. 

Fig. 31 shows a configuration of an alteration 
preventing/detecting system. 


The embodiments of this invention are described 
in detail below with reference to the drawings. 

The invention of claim 1 is a file system 

15 comprising a computer and a storage unit. The computer 
comprises a reciprocal authentication unit for 
reciprocally authenticating the computer with the 
storage unit and creating an access allowing key when 
the computer and storage unit are reciprocally 

20 authenticated, an access allowing key storage unit for 
storing the access allowing key, and a file access 
unit for sending an access request together with the 
access allowing key. The storage unit comprises a 
reciprocal authentication unit for reciprocally 

25 authenticating the storage unit with the computer and 
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creating an access allowing key when the computer and 
storage unit are reciprocally authenticated, an access 
allowing key group storage unit for storing all the 
access allowing keys, an access allowing key 

5 identification unit for identifying if the access 
allowing key stored in the access allowing key storage 
unit and at least one access allowing key stored in 
the access allowing key group storage unit, are the 
same, and a secure area access unit for accessing a 

10 secure area usually unaccessible . 

The invention of claim 2 is the file management 
system according to claim 1, wherein both the 
authentication unit of the computer and file access 
unit are implemented by a unit of hardware. 

15 The invention of claim 3 is a file management 

system comprising a sub-file storage unit for storing 
one or a plurality of sub-files related to a main- 
file, an authentication information creation unit for 
creating sub-file authentication information to be 

20 used to verify the sub-files, and a system file 
storage unit for storing the sub- file authentication 
information relating the information to the sub- file 
as a system file. 

The invention of claim 4 is a file management 

25 system comprising a main-file storage unit for storing 
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a main-file, an authentication information creation 
unit for creating main-file authentication information 
to be used to verify the main-file, and a sub-file 
storage unit for storing one of sub- files to which the 
5 main-file authentication information is related. 

The invention of claim 5 is a file management 
system comprising a main- file storage unit for storing 
a main-file, an authentication information creation 
unit for creating main-file authentication information 

10 to be used to verify the main-file, a sub-file storage 
unit for storing one of sub-files to which the main- 
file authentication information is related, a sub- file 
storage unit for storing one or a plurality of sub- 
files related to a main-file, an authentication 

15 information creation unit for creating sub-file 
authentication information to be used to verify the 
sub-file, and a system file storage unit for storing 
the sub-file authentication information relating the 
information to the sub-file as a system file- 

20 The invention of claim 6 is a file management 

system according to claim 5, wherein the main-file, 
sub- files and system file are stored in a non- secure 
area usually accessible. 

The invention of claim 7 is a file management 

25 system according to claim 5, wherein the main-file, 
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and the sub-files and system file are stored in a non- 
secure area usually accessible and a secure area 
usually unaccessible, respectively. 

The invention of claim 8 is a file management 
system according to claim 5, wherein the main-file and 
sub- files, and the system file are stored in a non- 
secure area usually accessible and a secure area 
usually unaccessible, respectively. 

The invention of claim 9 is a file management 
system according to claim 6, comprising a computer and 
a storage unit, wherein the computer comprises a 
reciprocal authentication unit for reciprocally 
authenticating with the storage unit and creating an 
access allowing key when the computer and storage unit 
are reciprocally authenticated, an access allowing key 
storage unit for storing the access allowing key, and 
a file access unit for sending an access request 
together with the access allowing key. The storage 
unit comprises a reciprocal authentication unit for 
reciprocally authenticating with the computer and 
creating an access allowing key when the computer and 
storage unit are reciprocally authenticated, an access 
allowing key group storage unit for storing all the 
access allowing keys, an access allowing key 
identification unit for identifying if the access 


15 

allowing key stored in the access allowing key storage 
unit and at least one access allowing key stored in 
the access allowing key group storage unit, are the 
same, and a secure area access unit for accessing a 
5 secure area usually unaccessible, and the 
authentication information creation unit reads a 
medium ID peculiar to a medium stored in the secure 
area after reciprocally authenticating the computer 
and storage unit and uses the medium ID to create both 

10 the main-file authentication information and sub-file 
authentication information. 

The invention of claim 10 is a file management 
system according to claim 7, comprising a computer and 
a storage unit, wherein the computer comprises a 

15 reciprocal authentication unit for reciprocally 
authenticating with the computer and creating an 
access allowing key when the computer and storage unit 
are reciprocally authenticated, an access allowing key 
storage unit for storing the access allowing key, and 

20 a file access unit for sending an access request 
together with the access allowing key. The storage 
unit comprises a reciprocal authentication unit for 
reciprocally authenticating with the computer and 
creating an access allowing key when the computer and 

25 storage unit are reciprocally authenticated, an access 
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allowing key group storage unit for storing all the 
access allowing keys, an access allowing key 
identification unit for identifying if the access 
allowing key stored in the access allowing key storage 

5 unit and at least one access allowing key stored in 
the access allowing key group storage unit, are the 
same, and a secure area access unit for accessing a 
secure area usually unaccessible- The authentication 
information creation unit reads a medium ID peculiar 

10 to a medium stored in the secure area after 
reciprocally authenticating the computer and storage 
unit and uses the medium ID to create both the main- 
file authentication information and sub- file 
authentication information. 

15 The invention of claim 11 is a file management 

system according to claim 8, comprising a computer and 
a storage unit, wherein the computer comprises a 
reciprocal authentication unit for reciprocally 
authenticating with the storage unit and creating an 

20 access allowing key when the computer and storage unit 
are reciprocally authenticated, an access allowing key 
storage unit for storing the access allowing key, and 
a file access unit for sending an access request 
together with the access allowing key. The storage 

25 unit comprises a reciprocal authentication unit for 
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reciprocally authenticating with the computer and 
creating an access allowing key when the computer and 
storage unit are reciprocally authenticated, an access 
allowing key group storage unit for storing all the 
5 access allowing keys, an access allowing key 
identification unit for identifying if the access 
allowing key stored in the access allowing key storage 
unit and at least one access allowing key stored in 
the access allowing key group storage unit, are the 

10 same, and a secure area access unit for accessing a 
secure area usually unaccessible. The authentication 
information creation unit reads a medium ID peculiar 
to a medium stored in the secure area after 
reciprocally authenticating the computer and storage 

15 unit, and uses the medium ID to create both the main- 
file authentication information and sub-file 
authentication information. 

The invention of claim 12 is a file management 
system according to claim 9, wherein the reciprocal 

20 authentication information unit of the computer and 
the file access unit are implemented by means of 
hardware. 

The invention of claim 13 is a file management 
system according to claim 9, wherein the medium ID is 
25 a card ID. 
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The invention of claim 14 is a file management 
system according to claim 9, wherein the medium ID is 
a master ID. 

The invention of claim 15 is a file management 
5 system according to claim 9, wherein the 
authentication information is created for each record 
of a file. 

The invention of claim 16 is a file management 
system according to claim 10, wherein the 
10 authentication information is created for each record 
of a file. 

The invention of claim 17 is a file management 
system according to claim 11, wherein the 
authentication information is created for each record 

15 of a file. 

The invention of claim 18 is a file management 
system comprising a sub- file reading unit for reading 
one or a plurality of sub- files related to a main- 
file, an authentication information creation unit for 

20 creating sub-file authentication information from sub- 
files read by the sub-file reading unit, a system file 
reading unit for reading sub-file authentication 
information from a system file related to the sub- 
file, and an authentication information comparison 

25 unit for comparing the sub-file authentication 
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information created by the authentication information 
creation unit with the sub-file authentication 
information read by the system file reading unit. 

The invention of claim 19 is a file management 
5 system comprising a main-file reading unit for reading 
a main-file, an authentication information creation 
unit for creating main-file authentication information 
from a main-file read by the main-file reading unit, 
a sub-file reading unit for reading main-file 

10 authentication information from sub-files related to 
the main-file, and an authentication information 
comparison unit for comparing the main- file 
authentication information created by the 
authentication information creation unit with the 

15 main- file authentication information read by the sub- 
file reading unit. 

The invention of claim 20 is a file management 
system comprising a main-file reading unit for reading 
a main-file, a sub-file reading unit for reading main- 

20 file authentication information from one or a 
plurality of sub-files related to the main-file and 
sub- files related to the main- file, a system file 
reading unit for reading sub-file authentication 
information from a system file related to the sub- 

25 file, an authentication information creation unit for 
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20 

creating main-file authentication information from a 
main-file read by the main-file reading unit and 
creating sub-file authentication information from 
sub- files read from the sub-file reading unit, an 
authentication information comparison unit for 
comparing the main-file authentication information 
created by the authentication information creation 
unit with the main-file authentication information 
read by the sub- file reading unit and comparing the 
sub-file authentication information created by the 
authentication information creation unit with the sub- 
file authentication information read by the system 

file reading unit. 

The invention of claim 21 is a file management 
system according to claim 20, wherein the main-file, 
sub-files and system file are stored in a non-secure 
area usually accessible. 

The invention of claim 22 is a file management 
system according to claim 20, wherein the main-file, 
and the sub-files and system file are stored in a non- 
secure area usually accessible and a secure area 
usually unaccessible, respectively. 

The invention of claim 23 is a file management 
system according to claim 20, wherein the main-file 
and sub-files, and the system file are stored in a 
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non-secure area usually accessible and a secure area 
usually unaccessible, respectively. 

The invention of claim 24 is a file management 
system according to claim 21, comprising a computer 

5 and a storage unit, wherein the computer comprises a 
reciprocal authentication unit for reciprocally 
authenticating with the storage unit and creating an 
access allowing key when the computer and storage unit 
are reciprocally authenticated, an access allowing key 

10 storage unit for storing the access allowing key, and 
a file access unit for sending an access request 
together with the access allowing key. The storage 
unit comprises a reciprocal authentication unit for 
reciprocally authenticating with the computer and 

15 creating an access allowing key when the computer and 
storage unit are reciprocally authenticated, an access 
allowing key group storage unit for storing all the 
access allowing keys, an access allowing key 
identification unit for identifying if the access 

20 allowing key stored in the access allowing key storage 
unit and at least one access allowing key stored in 
the access allowing key group storage unit, are the 
same, and a secure area access unit for accessing a 
secure area usually unaccessible. The authentication 

25 information creation unit reads a medium ID peculiar 
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to a medium stored in the secure area after 
reciprocally authenticating the computer and storage 
unit, and uses the medium ID to create both the main- 
file authentication information and sub-file 
5 authentication information. 

The invention of claim 25 is a file management 
system according to claim 22 , comprising a computer 
and a storage unit, wherein the computer comprises a 
reciprocal authentication unit for reciprocally 

10 authenticating with the storage unit and creating an 
access allowing key when the computer and storage unit 
are reciprocally authenticated, an access allowing key 
storage unit for storing the access allowing key and 
a file access unit for sending an access request 

15 together with the access allowing key, the storage 
unit comprises a reciprocal authentication unit for 
reciprocally authenticating with the computer and 
creating an access allowing key when the computer and 
storage unit are reciprocally authenticated, an access 

20 allowing key group storage unit for storing all the 
access allowing keys, an access allowing key 
identification unit for identifying if the access 
allowing key stored in the access allowing key storage 
unit and at least one access allowing key stored in 

25 the access allowing key group storage unit, are the 
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same, and a secure area access unit for accessing a 
secure area usually unaccessible. The authentication 
information creation unit reads a medium ID peculiar 
to a medium stored in the secure area after 
5 reciprocally authenticating the computer and storage 
unit and uses the medium ID to create both the main- 
file authentication information and sub-file 
authentication information. 

The invention of claim 26 is a file management 

10 system according to claim 23, comprising a computer 
and a storage unit, wherein the computer comprises a 
reciprocal authentication unit for reciprocally 
authenticating with the storage unit and creating an 
access allowing key when the computer and storage unit 

15 are reciprocally authenticated, an access allowing key 
storage unit for storing the access allowing key, and 
a file access unit for sending an access request 
together with the access allowing key. The storage 
unit comprises a reciprocal authentication unit for 

20 reciprocally authenticating with the computer and 
creating an access allowing key when the computer and 
storage unit are reciprocally authenticated, an access 
allowing key group storage unit for storing all the 
access allowing keys, an access allowing key 

25 identification unit for identifying if the access 


BNS0OCID: <GB 2331»U_I_> 


24 

allowing key stored in the access allowing key storage 
unit and at least one access allowing key stored in 
the access allowing key group storage unit, are the 
same, and a secure area access unit for accessing a 
5 secure area usually unaccessible . The authentication 
information creation unit reads a medium ID peculiar 
to a medium stored in the secure area after 
reciprocally authenticating the computer and storage 
unit, and uses the medium ID to create both the main- 
10 file authentication information and sub-file 
authentication information. 

The invention of claim 27 is a file management 
system according to claim 24, wherein the reciprocal 
authentication unit of the computer and the file 
15 access unit are implemented by means of hardware. 

The invention of claim 28 is a file management 
system according to claim 24, wherein the medium ID 

is a card ID. 

The invention of claim 29 is a file management 
20 system according to claim 24, wherein the medium ID 

is a master ID. 

The invention of claim 30 is a file management 
system according to claim 24, wherein the 
authentication information is created for each record 
25 of a file. 
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The invention of claim 31 is a file management 
system according to claim 1, wherein the storage unit 
comprises a sector access unit for accessing a main- 
file or sub-files related to the main-file in units 
5 of sectors or sector groups, and the secure area 
access unit comprises an access control information 
reading unit for reading access control information 
stored in the secure area. 

The invention of claim 32 is a file management 
10 system according to claim 31, wherein the secure area 
access unit further comprises an access control 
information setting unit for setting access control 
information in the secure area. 

The invention of claim 33 is a file management 
15 system according to claim 9, wherein authentication 
information is created using one, two or all of the 
medium ID, card ID and master ID. 

The invention of claim 34 is a file management 
system according to claim 24, wherein authentication 
20 information is created using one, two or all of the 
medium ID, card ID and master ID. 

The invention of claim 35 is a file management 
method comprising the reciprocal authentication step 
of creating an access allowing key, the access 
25 allowing key storing step of storing the access 
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allowing keys, the file access step of sending an 
access request together with the access allowing key, 
the access allowing key group storing step of storing 
all the access allowing keys, the access allowing key 
5 identifying step of identifying if the access allowing 
key stored in the access allowing key storing step and 
at least one access allowing key stored in the access 
allowing key group storing step, are the same, and the 
secure area accessing step of accessing a secure area 
10 usually unaccessible when reciprocal authentication 
is carried out between a computer and a storage unit 
and when the computer and the storage unit are 
reciprocally authenticated. 

The invention of claim 36 is a computer readable 
15 storage medium with a recorded file management program 
for enabling a computer to implement the reciprocal 
authentication step of creating an access allowing 
key, the access allowing key storing step of storing 
the access allowing key, the file access step of 
sending an access request together with the access 
allowing key, the access allowing key group storing 
step of storing all the access allowing keys, the 
access allowing key identifying step of identifying 
if the access allowing key stored in the access 
25 allowing key storing step and at least one access 


20 
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allowing key stored in the access allowing key group 
storing step, are the same, and the secure area 
accessing step of accessing a secure area usually 
unaccessible when reciprocal authentication is carried 
5 out between a computer and a storage unit and when the 
computer and the storage unit are reciprocally 
authenticated . 

Fig.l shows the entire configuration of the file 
management system having the alteration 
10 preventing/detecting functions of the present 
invention. 

Each component unit is described later with 
reference to Figs. 4, 6, 8, 10, 12, 14, 15, 16, 18, 
20, 22, 24, 25, 26, 28 and 30 while describing each 
15 embodiment of this invention. 

Each component unit on a computer 1 side such as 
a reciprocal authentication unit 11, authentication 
information creation unit 14 and authentication 
information comparison unit 15, etc., can be a 
20 software subroutine of a file management module in an 
OS, or can be constructed by means of hardware. 

Fig. 2 explains the file composition of the 
present invention. 

Authenticators created from a main- file are 
25 stored in sub-files, and authenticators created from 
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sub-files are stored in a system file. 

Fig. 3 explains the calculation method of a 
message authentication code (MAC) processing. 

Source data such as a main-file, sub- files, etc. 
5 are divided, for example, into several blocks of 64 
bits, and are ciphered. The exclusive-ORs of the 
ciphered value and the next 64 bits are calculated, 
and are also ciphered. Although each ciphered value 
or a part of the value, for example, the higher- order 

10 32 bits, can be made an authenticator, in each 
embodiment of this invention described later, this 
process is repeated to the last block of the source 
data, and higher-order 32 bits finally obtained shall 
be an authenticator. 

15 Fig. 4 shows the configuration of the file 

management system having the alteration 
preventing/detecting functions of the first embodiment 
of this invention. Fig. 5 is a flowchart showing the 
operation of the first embodiment of this invention. 

20 In step S51 the reciprocal authentication unit 

11 on the computer 1 side and the reciprocal 
authentication unit 21 on the storage unit 2 side are 
reciprocally authenticated. If in step S52 the 
reciprocal authentication succeeds, in step S53 a 

25 common access allowing key is created. In step S54 the 


BNS00C1D <G8 Z331381A_L> 



29 

reciprocal authentication unit 11 on the computer 1 
side transfers the created allowing key to an access 
allowing key storage unit 12, and the key is stored 
in the storage unit 12. The reciprocal authentication 
5 unit 21 on the storage unit 2 side also transfers the 
created allowing key to an access allowing key storage 
unit 22, and the key is stored in the storage unit 22. 
The reciprocal authentication method shall use, for 
example, a general open key. 

10 In step S55, when accessing a secure area 31 in 

a medium 3 to be accessed via the storage unit 2, a 
file access unit 13 sends the access allowing key to 
a secure area access unit 24 of the storage unit 2 
together with an access request. 

15 In step S56 an access allowing key identification 

unit 23 judges whether or not there is the same access 
allowing key as the access allowing key sent from the 
file access unit 13 to the secure area access unit 24 
together with the access request, in the access 

20 allowing key storage unit 22. If there is the same 
access allowing key, in step S57 the secure area 
access unit 24 accesses a secure area 31. 

Each of the reciprocal authentication unit 11 and 
file access unit 13 on the computer side 1 can be a 

25 software subroutine of a file management module in an 
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OS or can be constructed by means of hardware. 

Fig- 6 shows the configuration of the file 
management system having the alteration 
preventing/detecting functions of the second 
embodiment of this invention. Fig. 7 is a flowchart 
showing the operation of the second embodiment of 
this invention. 

In step S71 a sub-file storage unit 138 stores 
sub-files 34 in the medium 3 in units of blocks, if 
there is still another sub- file 34 to be processed 
when the flow returns from the process in step S74, 
described later, the sub-file storage unit 138 reads 
the sub-file 34, and combines the sub-file 34 with the 
already stored sub-files 34, and transfers the 
combined sub-file to an authentication information 
creation unit 14. 

In step S72 the authentication information 
creation unit 14 creates an authenticator being 
authentication information from the combined sub- file, 
which is transferred to a system file storage unit 
134. In step S73 it is checked whether or not all the 
blocks of the sub-file 34 are processed. If there is 
still another block to be processed, the flow returns 
to step S71, where the next block of the sub-file 34 
is processed. 


31 

In step S73 it is checked whether or not all the 
plurality of sub- files 34 are processed. If there is 
still another sub- file 34 to be processed, the flow 
returns to step S71, where the next sub- file 34 is 
5 processed* 

in step S74 the system file storage unit 134 
makes a set of an arbitrary ID for exclusively 
identifying both a main-file 33 and a sub-file group 
34 , and an authenticator being authentication 

10 information, and stores the set in a system file 35. 

Fig. 8 shows the configuration of the file 
management system having the alteration 
preventing/detecting functions of the third embodiment 
of this invention. Fig. 9 is a flowchart showing the 

15 operation of the third embodiment of this invention. 

In step S91 a main-file storage unit 136 stores 
the main- file 33 in the medium 3 in units of blocks, 
and also transfers the main- file 33 to the 
authentication information creation unit 14. 

20 In step S92, when receiving this main- file 33, 

the authentication information creation unit 14 
creates an authenticator being authentication 
information, and transfers the authenticator to the 
sub- file storage unit 138. In step S93 it is checked 

25 whether or not all the blocks of the main- file 33 
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are processed. If there is still another block to be 
processed, the flow returns to step S91, where the 
next block of the main- file 33 is processed. 

In step S94 the sub-file storage unit 138 makes 
5 a set of an arbitrary ID for exclusively identifying 
a main-file 33 and an authenticator being 
authentication information, and stores the set in a 
specific sub- file 34. 

Fig. 10 shows the configuration of the file 
10 management system having the alteration 
preventing/detecting functions of the fourth 
embodiment of this invention. Fig. 11 is a flowchart 
showing the operation of the fourth embodiment of 
this invention. 
15 in step Sill the main-file storage unit 136 

stores the main- file 33 in the medium 3 in units of 
blocks, and transfers the main-file 33 to the 
authentication information creation unit 14. 

In step SI 12 the authentication information 
20 creation unit 14 creates an authenticator being 
authentication information from the main- file 33, and 
transfers the authenticator to the sub-file storage 
unit 138. In step S113 it is checked whether or not 
all the blocks of the main-file 33 are processed. If 
25 there is still another block to be processed, the flow 
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returns to step Sill, where the next block of the 
main- file 33 is processed. 

In step S114 the sub-file storage unit 138 makes 
a set of an arbitrary ID for exclusively identifying 
5 a main-file 33 and an authenticator being 
authentication information, and stores the 
authenticator in a specific sub-file 34. 

Then, in step S115 a sub-file reading unit 139 
reads the sub-file group 34, and transfers the sub- 

10 file group 34 to the authentication information 
creation unit 14. 

In step S116 the authentication information 
creation unit 14 creates an authenticator being 
authentication information, and transfers the 

15 authenticator to the system file storage unit 134. In 
step S117 it is checked whether or not all the blocks 
of the sub-file 34 are processed. If there is still 
another block to be processed, the flow returns to 
step S115, where the next block of the sub-file 34 is 

20 processed. 

In step SI 18 it is checked whether or not all the 
plurality of sub-files 34 are processed. If there is 
still another sub-file 34 to be processed, the flow 
returns to step SI 15, where the next sub-file 34 is 

25 processed. By executing this process on all of the 
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sub-files, the sub-file reading unit 139 is able to 
read all of the sub-files in the sub-file group 34, 
and is able to transfer all of the sub- files in the 
sub-file group 34 to the authentication information 

creation unit 14. 

In step S119 the system file storage unit 134 
makes a set of an arbitrary ID for exclusively 
identifying both main-file 33 and sub-file group 34, 
and an authenticator being authentication information, 
and stores the set in the system file 35. 

Although the main-file 33 is stored in a non- 
secure area 32, the sub-files 34 and system file 35 
can be stored in either the secure area 31 or the non- 

secure area 32* 

That is, the main-file 33 being actual data has 
to be stored in the non-secure area 32, and since the 
sub-files 34 and system file 35 are not directly 
required to be accessed nor are directly accessed, the 
sub-files 34 and system file 35 can be stored in 
either the secure area 31 or the non-secure area 32. 

Fig. 12 shows the configuration of the file 
management system having the alteration 
preventing/detecting functions of the fifth embodiment 
of this invention. Fig. 13 is a flowchart showing the 
operation of the fifth embodiment of this invention. 
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The reciprocal authentication described in the 
first embodiment of this invention is carried out in 
advance. 

In step S130 a medium ID reading unit 16 reads 
a medium ID 36 from the secure area 31 in the medium 
3, and transfers the medium ID 36 to the 
authentication information creation unit 14. 

In step S131 the main-file storage unit 136 
stores the main-file 33 in the medium 3 in units of 
blocks, and also transfers the main-file 33 to the 
authentication information creation unit 14, 

In step S132, when receiving the main-file 33, 
the authentication information creation unit 14 
creates an authenticator being authentication 
information from the main-file 33 using the medium ID 
36 as a key, and transfers the authenticator to the 
sub-file storage unit 138. It is assumed here that the 
authenticator is created using a data encryption 
standard-message authentication code (DES-MAC) . 

In step S133 it is checked whether or not all the 
blocks of the main-file 33 are processed. If there is 
still another block to be processed, the flow returns 
to step S131, and the next block of the main-file 33 
is processed. 

In step S134 the sub-file storage unit 138 makes 


a set of an arbitrary ID for exclusively identifying 
a main-file 33 and an authenticator being 
authentication information, and stores the set in a 
specific sub-file 34. 
5 Then, in step S135 a sub-file reading unit 139 

reads sub-files, and transfers the sub-files to the 
authentication information creation unit 14. 
Furthermore , when the flow returns from the process 
in step S138, described later, the sub-file reading 

10 unit 139 combines the data stored in step S134, and 
transfers the data to the authentication information 
creation unit 14. That is, the sub-file reading unit 
139 reads all of the sub-file group 34, combines all 
of the stored sub-file group 34, and transfers the 

15 sub-file group 34 to the authentication information 
creation unit 14. 

In step S136 the authentication information 
creation unit 14 creates an authenticator being 
authentication information in the same way as 

20 described above, and transfers the authenticator to 
the system file storage unit 134. 

In step S137 it is checked whether or not all the 
blocks of the sub-file 34 are processed. If there is 
still another block to be processed, the flow returns 

25 to step S135, where the next block of the sub-file 34 
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is processed* 

In step S138 it is checked whether or not all the 
plurality of sub-files 34 are processed* If there is 
still another sub-file 34 to be processed, the flow 
5 returns to step S135, where the next sub- file 34 is 
processed. 

In step S139 the system file storage unit 134 
makes a set of an arbitrary ID for exclusively 
identifying both the main-file 33 and sub-files 34 , 
10 and authentication information, and stores the set in 
the system file 35. 

The medium ID 36 used as a key when creating the 
authenticator can also be read from the medium 3 in 
advance . 

15 Furthermore, the above-mentioned process can also 

be executed for each record composing the file of the 
main-file 33 and sub-files 34. 

Fig. 14 shows the configuration of the file 
management system having the alteration 

20 preventing/detecting functions of the sixth embodiment 
of this invention. 

The configuration and basic operation of the 
sixth embodiment of this invention are the same as the 
configuration and basic operation of the fifth 

25 embodiment of this invention, except that the medium 


BKS00C10: <G8 233l36iA_!_> 


38 

ID 36 read by the medium ID reading unit 16 in the 
fifth embodiment of this invention described with 
reference to Fig. 12 , is replaced with a card ID 18 in 
the sixth embodiment of this invention. 

Fig. 15 shows the configuration of the file 
management system having the alteration 
preventing/detecting functions of the seventh 
embodiment of this invention. 

The configuration and basic operation of the 
seventh embodiment of this invention are the same as 
the configuration and basic operation of the fifth 
embodiment of this invention, except that the medium 
ID 36 read by the medium ID reading unit 16 in the 
fifth embodiment of this invention described with 
reference to Fig. 12 is replaced with a master ID 17 
in the seventh embodiment of this invention. 

Fig. 16 shows the configuration of the file 
management system having the alteration 
preventing/detecting functions of the eighth 
embodiment of this invention. Fig. 17 is a flowchart 
showing the operation of the eighth embodiment of 
this invention. 

In step S171, when a verification request is 
issued by a higher-order layer (a user, etc.) via 
input/output unit 41, the system file reading unit 135 
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reads an authenticates being corresponding 
authentication information from the system file 35, 
and transfers the authenticator to an authentication 
information comparison unit 15. 
5 On the other hand, in step S172 the sub-file 

reading unit 139 reads the sub-files 34 in units of 
blocks , and transfers the sub- files 34 to the 
authentication information creation unit 14. 

In step S173 the authentication information 
10 creation unit 14 creates an authenticator being 
authentication information, and transfers the 
authenticator to the authentication information 
comparison unit 15. 

In step SI 74 it is checked whether or not all the 
15 blocks of the sub-file 34 are processed. If there is 
still another block to be processed, the flow returns 
to step S172, where the next block of the sub-file 34 
is processed. 

In step S175 it is checked whether or not all the 
20 plurality of sub-files 34 are processed. If there is 
still another sub-file 34 to be processed, the flow 
returns to step S172, where the next sub-file 34 is 
processed. 

In step S176 the authentication information 
25 comparison unit 15 compares these authenticator s being 
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authentication information. If the authenticators are 
the same, the authentication information comparison 
unit 15 reports the successful verification to the 
higher-order layer. If the authenticators are 
5 different, the authentication information comparison 
unit 15 reports the failed verification to the higher- 
order layer. 

Fig. 18 shows the configuration of the file 
management system having the alteration 
10 preventing/detecting functions of the ninth embodiment 
of this invention. Fig. 19 is a flowchart showing the 
operation of the ninth embodiment of this invention. 

in step S191, when a verification request is 
issued by a higher-order layer (a user, etc.) via 
15 input/output unit 41, the sub-file reading unit 139 
reads an authenticator being corresponding 
authentication information from the specific file 34, 
and transfers the authenticator to an authentication 
information comparison unit 15. 

On the other hand, in step S192 the main-file 
reading unit 137 reads a main-file 33 in units of 
blocks, and transfers the main-file 33 to the 
authentication information creation unit 14. 

in step S193 the authentication information 
creation unit 14 creates an authenticator being 


20 


25 


8KSOOOD <GB_2»1»1A_L> 


authentication information, and transfers the 
authenticator to the authentication information 
comparison unit 15. 

In step S194 it is checked whether or not all the 
blocks of the main-file 33 are processed. If there is 
still another block to be processed, the flow returns 
to step S192, where the next block of the main-file 
33 is processed. 

In step S195 the authentication information 
comparison unit 15 compares these authenticators being 
authentication information. If the authenticators are 
the same, the authentication information comparison 
unit 15 reports the successful verification to the 
higher-order layer. If the authenticators are 
different, the authentication information comparison 
unit 15 reports the failed verification to the higher- 
order layer. 

Fig. 20 shows the configuration of the file 
management system having the alteration 
preventing/detecting functions of the tenth embodiment 
of this invention. Fig. 21 is a flowchart showing the 
operation of the tenth embodiment of this invention. 

In step S210, when a reading request for reading 
a main-file 33 is issued, first the system file 
reading unit 135 reads an authenticator being 


corresponding authentication information from the 
system file 35 , and transfers the authenticator to the 
authentication information comparison unit 15. 

On the other hand, in step S211 the sub-file 
5 reading unit 139 reads sub-files 34 in units of 
blocks , and transfers the sub- files to the 
authentication information creation unit 14. 

In step S212 the authentication information 
creation unit 14 creates an authenticator being 
10 authentication information from these sub-files in 
units of blocks , and transfers the authenticator to 
the authentication information comparison unit 15- 

In step S213 it is checked whether or not all 
the blocks of the sub- file 34 are processed. If there 
15 is still another block to be processed, the flow 
returns to step S211, where the next block of the sub- 
file 34 is processed. 

In step S214 it is checked whether or not all the 
plurality of sub-files 34 are processed. If there is 
20 still another sub-file 34 to be processed, the flow 
returns to step S211, where the next sub-file 34 is 
processed. 

In step S215 the authentication information 
comparison unit 15 compares the authenticator being 
25 the read authentication information with the 
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authenticator being created authentication 
information, and if the authenticators are different, 
reports the failed verification to the higher-order 
layer* 

5 Then, if the verification succeeds, in step S216 

the sub-file reading unit 139 reads an authenticator 
being the authentication information for the main- file 
33 from the sub-files 34, and transfers the 
authenticator to the authentication information 

10 comparison unit 15. 

On the other hand, in step S217 the main-file 
reading unit 137 reads the main-file 33 in units of 
blocks, and transfers the main- file 33 to the 
authentication information creation unit 14. 

15 In step S218 the authentication information 

creation unit 14 creates an authenticator being 
authentication information in units of blocks, and 
transfers the authenticator to the authentication 
information comparison unit 15. 

20 In step S219 it is checked whether or not all the 

blocks of the main- file 33 are processed. If there is 
still another block to be processed, the flow returns 
to step S217, and the next block of the main- file 33 
is processed. 

25 In step S220 the authentication information 
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comparison unit 15 compares the authenticator being 
read authentication information with the authenticator 
being created authentication information, and reports 
the result of the verification to the higher-order 
5 layer. 

Although the main- file 33 is stored in a non- 
secure area, the sub-files 34 and system file 35 can 
be stored in either the secure area or the non-secure 
area. 

10 Fig. 22 shows the configuration of the file 

management system having the alteration 
preventing/detecting functions of the eleventh 
embodiment of this invention. Fig. 23 is a flowchart 
showing the operation of the eleventh embodiment of 

15 this invention. 

When a verification request is issued by a 
higher-order layer (a user, etc. ) via the input/output 
unit 41, in step S230 the medium ID reading unit 16 
reads a medium ID 36 from the secure area 31 in the 

20 medium 3, and transfers the medium ID 36 to the 
authentication information creation unit 14. 

In step S231 the system file reading unit 135 
reads an authenticator being corresponding 
authentication information from the system file 35, 

25 and transfers the authenticator to the authentication 
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information comparison unit 15. 

In step S232 the sub- file reading unit 139 reads 
sub- files 34 in units of blocks, and transfers the 
sub-files to the authentication information creation 

5 unit 14. 

In step S233 the authentication information 
creation unit 14 creates an authenticator being 
authentication information using the medium ID 36 as 
a key, and transfers the authenticator to the 
10 authentication information comparison unit 15. 

In step S234 it is checked whether or not all the 
blocks of the sub-file 34 are processed. If there is 
still another block to be processed, the flow returns 
to step S232, where the next block of the sub-file 34 
15 is processed. 

In step S235 it is checked whether or not all the 
plurality of sub-files 34 are processed. If there is 
still another sub- file 34 to be processed, the flow 
returns to step S232, where the next sub-file 34 is 
20 processed. 

In step S236 the authentication information 
comparison unit 15 compares the authenticator being 
the read authentication information with the 
authenticator being the created authentication 
25 information, and reports the failed verification to 
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the higher order layer if the authenticators are not 
the same. 

Then, if the verification succeeds, in step S237 
the sub-file reading unit 139 reads an authenticator 
being authentication information from a specific sub- 
file 34, and transfers the authenticator to the 
authentication information comparison unit 15. 

In step S238 the main-file reading unit 137 reads 
a main- file 33 in units of blocks, and transfers the 
main-file 33 to the authentication information 
creation unit 14. 

In step S239 the authentication information 
creation unit 14 creates an authenticator being 
authentication information in units of blocks using 
the medium ID 36 as a key, and transfers the 
authenticator to the authentication information 
comparison unit 15. 

In step S240 it is checked whether or not all the 
blocks of the main-file 33 are processed. If there is 
still another block to be processed, the flow returns 
to step S238, and the next block of the main-file 33 
is processed. 

In step S241 the authentication information 
comparison unit 15 compares the authenticator being 
the read authentication information with the 
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authenticator being the created authentication 
information. If the authenticators are the same, the 
authentication information comparison unit 15 reports 
the successful verification to the higher order layer. 
5 If the authenticators are different, the 
authentication information comparison unit 15 reports 
the failed verification to the higher order layer. 

The medium ID 36 to be used as a key when 
creating an authenticator can also be read from the 

10 medium 3 in advance. 

Furthermore, the above-mentioned process can be 
executed for each record composing both the main- file 
33 and sub- files 34 ♦ 

Fig. 24 shows the configuration of the file 

15 management system having the alteration 
preventing/detecting functions of the twelfth 
embodiment of this invention. 

The configuration and basic operation of the 
twelfth embodiment of this invention are the same as 

20 the configuration and basic operation of the eleventh 
embodiment of this invention,, except that the medium 
ID 36 read by the medium ID reading unit 16 in the 
eleventh embodiment of this invention described with 
reference to Fig. 22 is replaced with a card ID 18 in 

25 the twelfth embodiment of this invention. 
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Fig. 25 shows the configuration of the file 
management system having the alteration 
preventing/detecting functions of the thirteenth 
embodiment of this invention. 

The configuration and basic operation of the 
thirteenth embodiment of this invention are the same 
as the configuration and basic operation of the 
eleventh embodiment of this invention, except that the 
medium ID 36 read by the medium ID reading unit 16 in 
the eleventh embodiment of this invention described 
with reference to Fig. 22 is replaced with a master ID 
17 common to a plurality of pieces of hardware in the 
twelfth embodiment of this invention. 

Fig. 26 shows the configuration of the file 
management system having the alteration 
preventing/detecting functions of the fourteenth 
embodiment of this invention. Fig. 27 is a flowchart 
showing the operation of the fourteenth embodiment 
of this invention. 

In step S271 an access control information 
setting unit 242 sets and updates the setting of 
access control information 38. Various items are 
considered as a setting policy at the time of setting, 
for example, "once set to be unable to write, a sector 
shall never be set able to write again" can be 
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considered. 

in step S272 the access control information 
reading unit 241 reads the access control information 
38 in the secure area 31, and if the access is not 
5 allowed, reports the refusal to the user. 

If the access is allowed, in step S273 a sector 
access unit 251 receives an access (reading/writing) 
request, and accesses a sector (group) composed of the 
main-file 33 and sub-files 34 in the non-secure area 
10 32 of the storage medium 3. 

Fig.28 shows the configuration of the file 
management system having the alteration 
preventing/detecting functions of the fifteenth 
embodiment of this invention. Fig. 29 is a flowchart 
15 showing the operation of the fifteenth embodiment of 
this invention. 

In step S291 an access control information 
setting unit 132 converts files designated by a 
higher-order layer to a sector list using a main-file/ 
20 sub- file - sector group correspondence table 133, and 
sends the sector list to the access control 
information setting unit 242 in the storage unit 2 
together with an access mode such as read only/ write 
only/ read and write, etc. 
25 in step S292 the access control information 
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setting unit 242 in the storage unit 2 sets and 
updates the setting of the access control information 
38 stored in the medium 3 according to the setting 
policy. As the setting policy in this case, for 
5 example, "once set to be unable to write, a sector 
shall be never set to be able to write again" is 
considered. 

In step S293 a main-file/sub-file access unit 131 
converts both main-file 33 and sub-files 34 to be 
10 accessed to a sector (group) according to the main- 
file/sub-file - sector group correspondence table 133, 
and issues a request to a sector access unit 251. 

In step S294 the sector access unit 251 executes 
or refuses the sector access according to the access 
15 control information 38 read by the access control 
information reading unit 241. 

Fig. 30 shows the configuration of the file 
management system having the alteration 
preventing/detecting functions of the sixteenth 
20 embodiment of this invention. 

An arbitrary combination consisting of one, two 
or all of the medium ID 36, card ID 18 and master ID 
17 in the fifth embodiment described with reference 
to Fig. 12, the sixth embodiment described with 
25 reference to Fig. 14, the seventh embodiment described 
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with reference to Fig. 15, the eleventh embodiment 
described with reference to Fig. 22, the twelfth 
embodiment described with reference to Fig. 24 and the 
thirteenth embodiment described with reference to 
5 Fig. 25, can also be used. 

In this case, for example, it is assumed that 
information for indicating a lot number is put in a 
part of the medium ID 36, and the specific lot is made 
from a material suited for long time preservation or 

10 is carefully surface-checked. 

Since official documents have to be preserved for 
a long time, a file system reads the medium ID 36 when 
inserting a medium, and if the medium is not included 
in the above-mentioned special lot, reports to the 

15 user that the medium cannot be used. 

It is needless to say that only if the functions 
of the present invention are to be executed, the 
present invention can be applied to a single 
apparatus, a system or integrated apparatus consisting 

20 of a plurality of apparatuses or a system in which the 
process can be executed via a network such as a LAN, 
etc. 

As shown in Fig. 31 the present invention can be 
implemented in a system where a CPU 311, a ROM /RAM 
25 312, an input unit 313, an output unit 314, an 
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external storage unit 315, a medium driving unit 316, 
a portable storage medium 319 and a network connecting 
unit 317 are connected via a bus. That is, it is 
needless to say that the functions of the present 

5 invention can also be implemented by providing a 
system or apparatus with a ROM/RAM 312, an external 
storage unit 315 and a portable storage medium 319, 
in which software program codes for implementing the 
system of each above-mentioned embodiments are 

10 recorded, and executing the reading of the program 
codes by the computer (or CPU 311) of the system or 
apparatus . 

in this case, the read program codes themselves 
implement the new functions of the present invention, 
15 and the portable storage medium 319, etc. in which the 
program codes are recorded only constructs the present 
invention. 

As a portable storage medium 319 for supplying 
program codes, for example, a floppy disk, a hard 
20 disk, a magneto-optic disk, an optical disk, a CD-ROM, 
a CD-R, a magnetic tape, a nonvolatile memory card, 
a ROM card, and various kinds of storage media storing 
the program codes accessed via a network connecting 
unit 317 (in other words, a communication circuit) 
such as an electronic mail, personal computer 


25 
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communication, etc. can be used. 

By executing the program codes read by a 
computer, an OS operating in the computer, etc. 
executes a part or all of the actual process according 
5 to the instruction of the program codes, and thereby 
the functions of the above-mentioned embodiments can 
be implemented. 

Furthermore, after the read program codes are 
written in a memory provided in a feature expansion 

10 board inserted in a computer or a feature expansion 
unit connected to a computer, a CPU provided in the 
feature expansion board or unit, etc. executes a part 
or all of the actual process, and thereby the 
functions of the above-mentioned embodiments can also 

15 be implemented. 

As described so far, in the present invention a 
secure area is usually prevented from being accessed 
by users by means of, for example, the firmware of a 
storage unit, and as a result, authenticators, access 

20 logs, etc. related to data files cannot be altered. 

By locating files and access logs, etc. related 
to data files in a non-secure area being a normal area 
and locating only the authenticators of the files in 
a secure area, the size of the secure area can be 

25 reduced. 
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CLAIMS : 


1. A system for managing files comprising a computer 
(1) and a storage unit (2), wherein 
the computer ( 1 ) comprises 

reciprocal authenticating means (11) for 
reciprocally authenticating the computer (1) with the 
storage unit (2) and when the computer (1) and the 
storage unit (2) are reciprocally authenticated, 
creating access allowing keys; 

access allowing key storing means (12) for 
storing the access allowing keys; and 

file accessing means (13) for sending an access 
request together with the access allowing key, and 
the storage unit (2) comprises 
reciprocal authenticating means (21) for 
reciprocally authenticating the storage unit (2) with 
the computer (1) and when the computer (1) and the 
storage unit (2) are authenticated with each other, 
creating access allowing keys; 

access allowing key group storing means ( 22 ) for 
storing all the access allowing keys; 

access allowing key identification means ( 23 ) for 
identifying if the access allowing key sent from the 
file accessing means (13) and stored in the access 
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allowing key storing means (12) and at least one 
access allowing key stored in the access allowing key 
group storing means (22), are the same; and 

secure area accessing means (24) for accessing 
5 a secure area usually unaccessible. 

2. The system for managing files according to claim 
1, wherein the reciprocal authenticating means (11) 
provided in said computer (1) and said file accessing 

10 means (13) are implemented by a unit of hardware. 

3. A system for managing files, comprising: 

sub-file storing means (138) for storing one or 
a plurality of sub-files (34) related to a main-file 
15 (33); 

authentication information creating means ( 14 ) 
for creating sub-file authentication information used 
to verify the sub-files (34); and 

system file storing means (134) for storing a 
20 system file (35) to which the sub- file authentication 
information is related. 

4. A system for managing files, comprising: 

main- file storing means (136) for storing a main- 
25 file (33); 
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authentication information creating means (14) 
for creating main- file authentication information to 
be used to verify the main-file (33); and 

sub-file storing means (138) for storing at least 
5 one sub-file (34) to which the main-file 
authentication information is related. 


5. A system for managing files, comprising: 

main-file storing means (136) for storing a main- 

10 file (33); 

sub-file storing means (138) for storing at least 
one sub-file (34) to which the main-file 
authentication information is related; 

authentication information creating means (14) 
15 for creating main-file authentication information to 
be used to verify the main-file/sub- file 
authentication information to be used to verify the 
sub-files (34); and 

system file storing means (134) for storing a 
20 system file (35) to which the sub- file authentication 
information is related. 

6. The system for managing files according to claim 
5, wherein said main-file (33), said sub-files (34) 
25 and said system files (35) are stored in a non-secure 
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area (32) usually accessible. 

7. The system for managing files according to claim 

5, wherein said main-file (33), and said sub-files 
5 (34) and said system files (35) are stored in a non- 
secure area (32) usually accessible and a secure area 
(31) usually unaccessible, respectively. 

8. The system for managing files according to claim 
10 5, wherein said main- file (33) and said sub- files 

(34), and said system files (35) are stored in a non- 
secure area (32) usually accessible and a secure area 
(31) usually unaccessible, respectively. 

15 9. The system for managing files according to claim 

6, further comprising a computer (1) and a storage 
unit (2), wherein 

the computer (1) comprises 

reciprocal authenticating means (11) for 
20 reciprocally authenticating the computer (1) with the 
storage unit (2) and when the computer (1) and the 
storage unit (2) are reciprocally authenticated, 
creating access allowing keys; 

access allowing key storing means (12) for 
25 storing the access allowing keys; and 
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file accessing means (13) for sending an access 
request together with the access allowing key, 

the storage unit (2) comprises 

reciprocal authenticating means ( 21 ) for 
reciprocally authenticating the storage unit (2) with 
the computer (1) and when the computer (1) and the 
storage unit (2) are reciprocally authenticated, 
creating access allowing keys; 

access allowing key group storing means (22) for 
storing all the access allowing keys; and 

access allowing key identification means (23) for 
identifying if the access allowing key sent from the 
file accessing means (13) and stored in the access 
allowing key storing means (12) and at least one 
access allowing key stored in the access allowing key 
group storing means (22), are the same; and 

secure area accessing means (24) for accessing 
a secure area (31) usually unaccessible, and 

the authentication information creating means 
(14) reads a medium ID (36) peculiar to the medium 
stored in the secure area 3 1), and uses the medium 
ID (36) to create the main-file authentication 
information and the sub-file authentication 
information after the computer (1) and the storage 
unit (2) are reciprocally authenticated. 
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10. The system for managing files according to claim 
7, further comprising a computer (1) and a storage 
unit (2), wherein 

the computer ( 1 ) comprises 
5 reciprocal authenticating means (11) for 

reciprocally authenticating the computer ( 1 ) with the 
storage unit (2) and when the computer (1) and the 
storage unit (2) are reciprocally authenticated, 
creating access allowing keys; 

10 access allowing key storing means (12) for 

storing all the access allowing keys; and 

file accessing means (13) for sending an access 
request together with the access allowing key, 
the storage unit (2) comprises 

15 reciprocal authenticating means (21) for 

reciprocally authenticating the storage unit (2) with 
the computer (1) and when the computer (1) and the 
storage unit are reciprocally authenticated, creating 
access allowing keys; 

20 access allowing key group storing means (22) for 

storing all the access allowing keys; and 

access allowing key identification means (23) for 
identifying if the access allowing key sent from the 
file accessing means (13) and stored in the access 

25 allowing key storing means (12) and at least one 
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access allowing key stored in the access allowing key 
group storing means (22), are the same; and 

secure area accessing means (24) for accessing 
a secure area (31) usually unaccessible, and 
5 the authentication information creating means 

(14) reads a medium ID (36) peculiar to the medium 
stored in the secure area (31), and uses the medium 
ID (36) to create the main- file authentication 
information and the sub-file authentication 
10 information after the computer (1) and the storage 
unit (2) are reciprocally authenticated. 

11. The system for managing files according to claim 
8, further comprising a computer (1) and a storage 
15 unit (2), wherein 

the computer (1) comprises 

reciprocal authenticating means (11) for 
reciprocally authenticating the computer (1) with the 
storing unit ( 2 ) and when the computer ( 1 ) and the 
20 storage unit (2) are reciprocally authenticated, 
creating access allowing keys; 

access allowing key storing means (12) for 
storing the access allowing key; and 

file accessing means (13) for sending an access 
25 request together with the access allowing key. 
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the storage unit (2) comprises 

reciprocal authenticating means (21) for 
reciprocally authenticating the storage unit (2) with 
the computer (1) and when the computer (1) and the 
5 storage unit (2) are reciprocally authenticated, 
creating access allowing keys; 

access allowing key group storing means (22) for 
storing all the access allowing keys; and 

access allowing key identification means (23) for 
10 identifying if the access allowing key sent from the 
file accessing means (13) and stored in the access 
allowing key storing means (12) and at least one 
access allowing key stored in the access allowing key 
group storing means (22), are the same; and 
15 secure area accessing means (24) for accessing 

a secure area (31) usually unaccessible, and 

the authentication information creating means 
(14) reads a medium ID (36) peculiar to the medium 
stored in the secure area (31), and uses the medium 
20 ID (36) to create the main-file authentication 
information and the sub-file authentication 
information after the computer ( 1 ) and the storage 
unit (2) are reciprocally authenticated. 

25 12. The system for managing files according to claim 
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9 , wherein 

the reciprocal authenticating means (11) provided 
in said computer (1) and said file accessing means 
(13) are implemented by means of hardware. 

13. The system for managing files according to claim 
9, wherein 

the medium ID (36) is a card ID (18). 

14. The system for managing files according to claim 
9 , wherein 

the medium ID (36) is a master ID (17). 

15. The system for managing files according to claim 

9, wherein 

said authentication information is created for 
each record of a file. 

16. The system for managing files according to claim 

10, wherein 

said authentication information is created for 
each record of a file. 

17. The system for managing files according to claim 

11, wherein 
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said authentication information is created for 
each record of a file. 


18, A system for managing files, comprising: 

5 sub-file reading means (139) for reading one or 

a plurality of sub-files (34) related to a main-file 
(33); 

authentication information creating means (14) 
for creating sub-file authentication information from 
10 sub-files (34) read by the sub-file reading means 
(139); 

system file reading means (135) for reading sub- 
file authentication information from a system file 
(35) related to the sub-file (34); and 

15 authentication information comparing means (15) 

for comparing the sub-file authentication information 
created by the authentication information creating 
means (14) with the sub-file authentication 
information read by the system file reading means 

20 (135). 

19. A system for managing files, comprising: 

main-file reading means (137) for reading a main- 
file (33); 

25 authentication information creating means (14) 
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for creating main- file authentication information from 
a main-file (33) read by the main-file reading means 
(137); 

sub-file reading means (139) for reading roain- 
5 file authentication information from sub-files (34) 
related to the main-file (33); and 

authentication information comparing means (15) 
for comparing the main-file authentication information 
created by the authentication information creating 
10 means (14) with the main-file authentication 
information read by the sub-file reading means (139). 

20. A system for managing files, comprising: 

main-file reading means (137) for reading a main- 

15 file (33); 

sub-file reading means (139) for reading main- 
file authentication information from sub-files (34) 
related to the main-file (33) and one or a plurality 
of sub-files (34) related to the main-file (33); 
20 system file reading means (135) for reading sub- 

file authentication information from a system file 
(35) related to the sub-file (34); 

authentication information creating means (14) 
for creating main-file authentication information from 
25 a main-file (33) read by the main-file reading means 
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(137) and creating sub-file authentication information 
from sub-files (34) read by the sub-file reading means 
(139); and 

an authentication information comparing means 
5 (15) for comparing the main-file authentication 
information created by the authentication information 
creating means (14) with the main-file authentication 
information read by the sub-file reading means (139) 
and comparing the sub-file authentication information 
10 created by the authentication information creating 
means (14) with the sub-file authentication 
information read by the system file reading means 
(135). 

15 21. The system for managing files according to claim 
20, wherein said. main- file (33), said sub-files (34) 
and said system file (35) are stored in a non-secure 
area (32) usually accessible. 

20 22. The system for managing files according to claim 
20, wherein said main-file (33), and said sub-files 
(34) and said system file (35) are stored in a non- 
secure area (32) usually accessible and a secure area 
(31) usually unaccessible, respectively. 

25 
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23. The system for managing files according to claim 

20, wherein said main-file (33) and said sub-files 
(34), and said system file (35) are stored in a non- 
secure area (32) usually accessible and a secure area 

5 (31) usually unaccessible, respectively. 

24. The system for managing files according to claim 

21, further comprising a computer (1) and a storage 
unit (2), wherein 

10 the computer (1) comprises 

reciprocal authenticating means (11) for 
reciprocally authenticating the computer (1) with the 
storing unit (2) and when the computer (1) and the 
storage unit (2) are reciprocally authenticated, 
15 creating access allowing keys; 

access allowing key storing means (12) for 
storing the access allowing keys; and 

file accessing means (13) for sending an access 
request together with the access allowing key, 
20 the storage unit (2) comprises 

reciprocal authenticating means ( 21 ) for 
reciprocally authenticating the storage unit (2) with 
the computer (1) and when the computer (1) and the 
storage unit (2) are reciprocally authenticated, 
25 creating access allowing keys; 
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access allowing key group storing means (22) for 
storing all the access allowing keys; and 

access allowing key identification means (23) for 
identifying if the access allowing key sent from the 
5 file accessing means (13) and stored in the access 
allowing key storing means (12) and at least one 
access allowing key stored in the access allowing key 
group storing means (22), are the same; and 

secure area accessing means (24) for accessing 
10 a secure area (31) usually unaccessible, and 

the authentication information creating means 
(14) reads a medium ID (36) peculiar to the medium 
stored in the secure area (31), and uses the medium 
ID (36) to create the main-file authentication 
15 information and the sub-file authentication 
information after the computer (1) and the storage 
unit (2) are reciprocally authenticated. 

25. The system for managing files according to claim 
20 22, further comprising a computer (1) and a storage 
unit (2), wherein 

the computer (1) comprises 

reciprocal authenticating means (11) *° r 
reciprocally authenticating the computer (1) with the 
25 storing unit (2) and when the computer (1) and the 
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storage unit (2) are reciprocally authenticated, 
creating access allowing keys; 

access allowing key storing means (12) for 
storing the access allowing key; and 

file accessing means (13) for sending an access 
request together with the access allowing key, 

the storage unit (2) comprises 

reciprocal authenticating means (21) for 
reciprocally authenticating the storage unit (2) with 
the computer (1) and when the computer (1) and the 
storage unit (2) are reciprocally authenticated, 
creating access allowing keys; 

access allowing key group storing means (22) for 
storing all the access allowing keys; and 

access allowing key identification means (23) for 
identifying if the access allowing key sent from the 
file accessing means (13) and stored in the access 
allowing key storing means (12) and at least one 
access allowing key stored in the access allowing key 
group storing means (22), are the same; and 

secure area accessing means (24) for accessing 
a secure area (31) usually unaccessible, and 

the authentication information creating means 
(14) reads a medium ID (36) peculiar to the medium 
stored in the secure area (31), and uses the medium 
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ID (36) to create the main-file authentication 
information and the sub- file authentication 
information after the computer (1) and the storage 
unit (2) are reciprocally authenticated. 

26. The system for managing files according to claim 
23, further comprising a computer (1) and a storage 
unit (2), wherein 

the computer (1) comprises 

reciprocal authenticating means (11) for 
reciprocally authenticating the computer (1) with the 
storing unit (2) and when the computer (1) and the 
storage unit (2) are reciprocally authenticated, 
creating access allowing keys; 

access allowing key storing means ( 12 ) for 
storing all the access allowing keys; and 

file accessing means (13) for sending an access 
request together with the access allowing key, 

the storage unit (2) comprises 

reciprocal authenticating means (21) for 
reciprocally authenticating the storage unit (2) with 
the computer (1) and when the computer (1) and the 
storage unit (2) are reciprocally authenticated, 
creating access allowing keys; 

access allowing key group storing means (22) for 
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storing all the access allowing keys; and 

access allowing key identification means (23) for 
identifying if the access allowing key sent from the 
file accessing means and stored in the access allowing 
5 key storing means (13) and at least one access 
allowing key stored in the access allowing key group 
storing means (22), are the same; and 

secure area accessing means (24) for accessing 
a secure area (31) usually unaccessible, and 

10 the authentication information creating means 

(14) reads a medium ID (36) peculiar to the medium 
stored in the secure area (31), and uses the medium 
ID (36) to create the main-file authentication 
information and the sub- file authentication 

15 information after the computer (1) and the storage 
unit (2) are reciprocally authenticated. 

27. The system for managing files according to claim 
24 , wherein 

20 the reciprocal authenticating means (11) provided 

in said computer (1) and said file accessing means 
(13) are implemented by means of hardware. 

28. The system for managing files according to claim 
25 24 , wherein 
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the medium ID (36) is a card ID (18). 

29. The system for managing files according to claim 

24, wherein 

the medium ID (36) is a master ID (17). 


30. The system for managing files according to claim 
24, wherein 

said authentication information is created for 
10 each record of a file. 

31. The system for managing files according to claim 
1 , wherein 

said secure area accessing means (24) further 

15 comprises 

access control information reading means (241) 
for reading access control information (38) stored in 
said secure area (31), and 

said storage unit (2) further comprises 
20 sector accessing means (251) for accessing a 

main-file (33) or sub-files (34) related to the main- 
file (33) in units of sectors or sector groups 
according to the access control information (38). 

25 32. The system for managing files according to claim 
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31, wherein 

said secure area accessing means (24) further 
comprises 

access control information setting means (242) 
5 for setting access control information (38) in said 
secure area (31). 

33. The system for managing files according to claim 
9, wherein 

10 authentication information is created using one, 

two or all of said medium ID (36), said card ID (18) 
and said master ID ( 17 ) . 

34. The system for managing files according to claim 
15 24, wherein 

authentication information is created using one, 
two or all of said medium ID (36), said card ID (18) 
and said master ID (17). 

20 35. A computer (1), comprising: 

reciprocal authenticating means (11) for 
reciprocally authenticating the computer (1) with a 
storing unit (2) and when the computer (1) and the 
storage unit (2) are reciprocally authenticated, 

25 creating access allowing keys; and 
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access allowing key storing means (12) for 
storing the access allowing keys; and 

file accessing means (13) for sending an access 
request together with the access allowing key. 

5 

36. A storage unit (2), comprising: 

reciprocal authenticating means (21) for 
reciprocally authenticating the storage unit (2) with 
a computer ( 1 ) and when the computer ( 1 ) and the 
10 storage unit (2) are authenticated with each other, 
creating access allowing keys; 

access allowing key group storing means (22) for 
storing all the access allowing keys; 

access allowing key identification means (23) for 
15 identifying if the access allowing key stored in the 
access allowing key storing means (12) and at least 
one access allowing key stored in the access allowing 
key group storing means (22), are the same; and 

secure area accessing means (24) for accessing 
20 a secure area (31) usually unaccessible. 

37. A method of managing files, comprising the steps 
of: 

reciprocally authenticating between a computer 
25 and a storage unit and when the computer and the 
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storage unit are reciprocally authenticated, creating 
an access allowing key; 

storing the access allowing key; 

storing all the access allowing keys; 

sending an access request together with the 
access allowing key; 

identifying if the access allowing key stored in 
the access allowing key storing step and at least one 
access allowing key stored in the access allowing key 
group storing step, are the same; and 

accessing a secure area usually unaccessible. 


38. A method of managing files, comprising the steps 
of: 

15 storing one or a plurality of sub-files related 

to a main-file; 

creating sub-file authentication information used 

to verify the sub- files; and 

storing a system file to which the sub-file 
20 authentication information is related. 

39. A method of managing files, comprising the steps 
of: 

storing a main- file; 
25 creating main-file authentication information to 
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be used to verify the main-file; and 

storing at least one sub- file to which the 
main-file authentication information is related. 

5 40. A method of managing files, comprising the steps 
of: 

storing a main-file; 

storing at least one sub- file to which the 
main- file authentication information is related; 
10 creating main- file authentication information to 

be used to verify the main-f ile/sub-f ile 
authentication information to be used to verify the 
sub- files; and 

storing a system file to which the sub- file 
15 authentication information is related. 

41. A method of managing files, comprising the steps 
of: 

reading one or a plurality of sub-files related 
20 to a main-file; 

creating sub- file authentication information from 
sub- files; 

reading sub- file authentication information from 
a system file related to the sub-file; and 
25 comparing the sub-file authentication information 
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from the sub-files with the sub-file authentication 
information from the system file. 


42. A method of managing files, comprising the steps 
of: 

reading a main- file; 

creating main-file authentication information 
from the main-file; 

reading main- file authentication information from 
sub-files related to the main-file; and 

comparing the main- file authentication 
information from the main- file with the main-file 
authentication information from the sub- file. 

43. A method of managing files, comprising the steps 
of: 

reading a main- file; 

reading main- file authentication information from 
sub-files related to the main-file and one or a 
plurality of sub-files related to the main-file; 

reading sub-file authentication information from 
a system file related to the sub-file; 

creating main- file authentication information 
from a main-file and creating sub-file authentication 
information from sub- files; and 
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comparing the main-file authentication 
information from the sub-file with the main-file 
authentication information from the main- file and 
comparing the sub-file authentication information from 
5 the system file with the sub-file authentication 
information from the sub-file. 


44 . A method of managing files, comprising the steps 
of: 

10 reciprocally authenticating a computer with a 

storing unit and when the computer and the storage 
unit are reciprocally authenticated, creating access 
allowing keys; and 

storing the access allowing keys; and 

15 sending an access request together with the 

access allowing key. 


45. A method of managing files, comprising the steps 
of: 

20 reciprocally authenticating a storage unit with 

a computer and when the computer and the storage unit 
are authenticated with each other, creating access 
allowing keys; 

storing all the access allowing keys; 

25 identifying if the access allowing key and at 
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least one access allowing key, are the same; and 
accessing a secure area usually unaccessible. 


46- A computer readable storage medium having a 
5 recorded file management program for enabling a 
computer to execute: 

a reciprocal authenticating step of reciprocally 
authenticating between a computer and a storage unit 
and when the computer and the storage unit are 
10 reciprocally authenticated, creating an access 
allowing key; 

an access allowing key storing step of storing 

the access allowing key; 

an access allowing key group storing step of 
15 storing all the access allowing keys; 

a file accessing step of sending an access 
request together with the access allowing key; 

an access allowing key identifying step of 
identifying if the access allowing key stored in the 
20 access allowing key storing process and at least one 
access allowing key stored in the access allowing key 
group storing step, are the same; and 

a secure area accessing step of accessing a 
secure area usually unaccessible. 

25 
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47. A computer readable storage medium having a 
recorded file management program for enabling a 
computer to execute: 

sub-file storing step of storing one or a 
5 plurality of sub-files related to a main-file; 

authentication information creating step of 
creating sub- file authentication information used to 
verify the sub-files; and 

system file storing step of storing a system file 
10 to which the sub- file authentication information is 
related . 

48. A computer readable storage medium having a 
recorded file management program for enabling a 

15 computer to execute: 

main- file storing step of storing a main- file; 
authentication information creating step of 
creating main- file authentication information to be 
used to verify the main-file; and 
20 sub- file storing step of storing at least one 

sub-file to which the main-file authentication 
information is related. 

49. A computer readable storage medium having a 
25 recorded file management program for enabling a 
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computer to execute: 

main-file storing step of storing a main-file; 

sub- file storing step of storing at least one 
sub-file to which the main-file authentication 
information is related; 

authentication information creating step of 
creating main- file authentication information to be 
used to verify the main-f ile/sub-f ile authentication 
information to be used to verify the sub- files; and 

system file storing step of storing a system file 
to which the sub- file authentication information is 
related. 

50. A computer readable storage medium having a 
recorded file management program for enabling a 
computer to execute: 

sub-file reading step of reading one or a 
plurality of sub-files related to a main-file; 

authentication information creating step of 
creating sub-file authentication information from 
sub-files; 

system file reading step of reading sub-file 
authentication information from a system file related 
to the sub -file; and 

authentication information comparing step of 
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comparing the sub-file authentication information from 
the sub-file with the sub-file authentication 
information from the system file. 

5 51. A computer readable storage medium having a 
recorded file management program for enabling a 
computer to execute: 

main- file reading step of reading a main- file; 
authentication information creating step of 
10 creating main-file authentication information from a 
main-file; 

sub- file reading step of reading main-file 
authentication Information from sub- files related to 
the main- file; and 
15 authentication information comparing step of 

comparing the main-file authentication information 
from the main- file with the main-file authentication 
information from the sub-file. 

20 52. A computer readable storage medium having a 
recorded file management program for enabling a 
computer to execute: 

main-file reading step of reading a main-file; 
sub-file reading step of reading main-file 
25 authentication information from sub-files related to 
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the main-file and one or a plurality of sub-files 
related to the main- file; 

system file reading step of reading sub-file 
authentication information from a system file related 
5 to the sub- file; 

authentication information creating step of 
creating main- file authentication information from a 
main-file and creating sub-file authentication 
information from sub- files; and 

10 authentication information comparing step of 

comparing the main- file authentication information 
from the sub- file with the main- file authentication 
information from the main- file and comparing the 
sub- file authentication information from the sub- file 

15 with the sub- file authentication information from the 
main-file. 

53. A computer readable storage medium having a 
recorded file management program for enabling a 

20 computer to execute: 

reciprocal authenticating step of reciprocally 
authenticating a computer with a storing unit and when 
the computer and the storage unit are reciprocally 
authenticated, creating access allowing keys; and 

25 access allowing key storing step of storing the 
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access allowing keys; and 

file accessing step of sending an access request 
together with the access allowing key. 

54. A computer readable storage medium having a 
recorded file management program for enabling a 
computer to execute: 

reciprocal authenticating step of reciprocally 
authenticating a storage unit with a computer and when 
the computer and the storage unit are authenticated 
with each other, creating access allowing keys; 

access allowing key group storing step of storing 
all the access allowing keys; 

access allowing key identification step of 
identifying if the access allowing key and at least 
one access allowing key, are the same; and 

secure area accessing step of accessing a secure 
area usually unaccessible. 

55. A system for managing files substantially as 
herein described with reference to and as shown in 
Figures 1 to 6, 7 and 8, 9, 10 and 11, 12 and 13, 14, 
15, 16 and 17, 18 and 19, 20 and 21, 22 and 23, 24, 25 
26 and 27, 28 and 29, 30, or 31 of the accompanying 
drawings. 

56. A method of managing files substantially as 
herein described with reference to Figures 1 to 6, 7 
and 8, 9, 10 and 11, 12 and 13, 14, 15, 16 and 17, 18 
and 19, 20 and 21, 22 and 23, 24, 25, 26 and 27, 28 
and 29, 30, or 31 of the accompanying drawings. 



RttSl 
Office 

2k 


Application No: 
Claims searched: 


GB 9811875.5 
1,2,35-37,44,45,55,56 


Examiner: 
Date of search: 


Geoffrey Western 
12 November 1998 


Patents Act 1977 

Search Report under Section 17 

Databases searched: 

UK Patent Office collections, including GB, EP, WO & US patent specifications, in: 
UK CI (Ed.P): G4A (AAP) 
Int CI (Ed.6): G06F 1/00 12/14 
Other: Online: COMPUTER, EPODOC, WPI 


Documents considered to be relevant: 


Category 

Identity of document and relevant passage 

Relevant 
to claims 

A 

GB 1588147 A 

(IBM) 


X 

WO 96/25700 Al 

(ETA TECHNOLOGIES) 

N.b. abstract, Figs 7a,7d, pages 38-42 

35.44, at 
least 

A 

WO 95/16947 Al 

(HUGHES AIRCRAFT) 


X 

US 5610980 A 

(JOHNSON et al) 

N.b. abstract, Figs 7a,7d, cols 34-38 

35,44, at 
least 


X Document indicating lack of novelty or inventive sup A Document indkrinf technoloitcsl background end/or state of the art. 

Y Document iodicstimj lick of wveniive step if combined P Document published on or after the decUred priority date but before 

with one or more other documents of same cstefory- *« ***** of invention. 

£ Patent document pubUshed on or after, but with priority date earlier 

& Member of the same patent family than, the filing date of ibis application. 


An Executive Agency of the Depanmeni of Trade and Industry 


BNSDOCtD" <GB 2331381A_I. > 



Application No: 
Claims searched: 


Patent 
Office 


GB 9811 875 .5 Examiner: 
3,18,20,38,41,43,47,50,52 Date of search: 
,55,56 and claims dependent 
thereon. 


K. Sylvan 

15 February 1999 


Patents Act 1977 

Further Search Report under Section 17 

Databases searched: 

UK Patent Office collections, including GB, EP, WO & US patent specifications, in: 
UK CI (Ed.Q): G4A (AAP) 
Int CI (Ed.6): G06F (1/00) 
Other: Online: Patents Citation Index 


Documents considered to be relevant: 


Category 

Identity of document and relevant passage 

Relevant 
to claims 

X 

EP0281225 A2 HP. See abstract. 

3.18,20,38 
,41,43.47. 
50,52 at 
least 


X Document indicating tack of novelty ot inventive step A Docuxnat indicating technological background and/or state of the an. 
Y Document indicating lack of inventive step if combined P Document published on or after the declared priority date but before 
with one or more other documents of same category. the filing date of this invention. 

E Patent document published on or after, but with priority date earlier 
A Member of the same patent family than, the filing date of this application. 


<QB 2331381A_J_> 


An Executive Agency of the Department of Trade and Industry 



Application No: 
Claims searched: 


Rtfent 
Office 

GB 9811875.5 Examiner: 
4,5,19,20,39,40,42,43,48, Date of search: 
49,51,52,55 and 56, and 
claims dependent thereon. 


K. Sylvan 

15 February 1999 


Patents Act 1977 

Further Search Report under Section 17 

Databases searched: 

UK Patent Office collections, including GB, EP, WO & US patent specifications, in: 
UK CI (Ed.Q): G4A (AAP) 
Int CI (Ed.6): G06F (1/00) 
Other: Online: Patents Citation Index 


Documents considered to be relevant: 


Category 

Identity of document and relevant passage 

Relevant 
to claims 

X 

EP0281225 A2 

HP. See abstract. 

4,5,19,20, 
39,40,42, 
43.48,49, 
51,52 at 
least 

X 

US5619571 

Sandstrom et al. See abstract. 

4,19,39,42 
,48,51 at 
least 

X 

US5555303 

Stambler. See abstract. 

4,19,39,42 
.48,51 21 
least 

X 

US5479509 

Ugon. See abstract. 

4.19,39,42 
,48,51 at 
least 

X 

US5050212 

Apple. See abstract. 

4,19,39,42 
,48.51 at 
least 


X Document indicating lack of novelty or inventive step A Document indicating technological background and/or state of (he an. 
Y Document indicating lack of inventive step if combined P Document published on or after the declared priority date but before 
with one or more other documents of tame category. the filing date of this invention. 

E Patent document published on or after, but with priority date earlier 
& Member of the same patent family than, the filing dau of this application. 


An Executive Agency of the Department of Trade and Industry 


BNSOOCtO <G8__2»13aiA_L> 



Application No: 
Claims searched: 


Office 

GB 9811875.5 Examiner: 
18,20,41-43,50-52 and Date of search: 
claims dependent thereon. 


K. Sylvan 

15 February 1999 


Patents Act 1977 

Further Search Report under Section 17 


Databases searched: 


UK Patent Office collections, including GB, EP, WO & US patent specifications, 
UK CI (Ed.Q): G4A (AAP) 
Int CI (Ed.6): G06F (1/00) 
Other: Online: Patents Citation Index 


in: 


Documents considered to be relevant: 


Category 

Identity of document and relevant passage 

Rclcvam 
to claims 

X 

EP0281225 A2 

HP. See page 1 lines 37-52. 

18-20,41- 
43,50-52 
at least 

X 

US5555303 

Stambler. See column 2 lines 20-22. 

19,42,51 

X 

US5479509 

Ugon. See column 3 lines 49-57.. 

at least 

19,42,51 
at least 

X 

US5050212 

Apple. See column I lines 54-61. 

19,42,51 
at least 


v f*™** of oovelty or inventive «cp A uucumeri nucatuv i 

Y Document indicating lack of inventive ste» if D maaon 6 1 

with one or mor* cLr P DoQa ^ ******* on or after the declared priority date bui before 


A Document indicating technological background anoVor state of the i 


with one or more other documents of same category. 
& Member of the same patent family 


the fili date of this invention. 
E Patent document published on or after, but with priority date earlier 
Uan. the Cling date of this application. 


An Executive Agency of the Department of Trade and Industry 


BNSDOCtO: <G8 23313fllA_J_> 



FIG. 1 


BNSDOCIB <G8 233136lA_l_> 



WSDOCtO: <Q8 233 1381 A _J_> 



BNSOOCIO <G8__2331381A _)„> 


STORAGE UNIT 


JL 


COMPUTER 


21 


22 


RECIPROCAL 
AUTHENTICATION 
UNIT 


23 


ACCESS ALLOWING 
KEY GROUP 
STORAGE UNIT 





ACCESS ALLOWING KEY 
IDENTIFICATION UNIT 


13 


RECIPROCAL 
AUTHENTICATION 
UNIT 

i 


11 


ACCESS ALLOWING 
KEY STORAGE UNIT 


X 


12 


FILE ACCESS UNIT 


r 24 

SECURE AREA 
ACCESS UNIT 


MEDIUM r 3 


SECURE AREA 


NON-SECURE AREA 


FIG. 4 


WSOOCID <G8 2331381A_!_> 


^STARTS ^ 

RECIPROCALLY 
AUTHENTICATES 


S51 



CREATES AN ACCESS 
ALLOWING KEY 


STORES THE ACCESS 
ALLOWING KEY 


SENDS AN ACCESS REQUEST 
AND THE ACCESS ALLOWING 
KEY 


S54 


S55 


ARE THE ACCESS ALLOW! 
KEYS THE SAAE?. 


YES 


ACCESSES 


S57 


( ENDS ) 


F I G. 


BNSDOC1D <G8 2331361A_J_> 



COMPUTER 


n 


r 


14 


AUTHENTICATION 

INFORMATION 
CREATION UNIT 
* 


CO 

c 

CD 
I 


138 


Co 
-< 

CO 


J 


134 


30 
> 


3 

m 


MEDIUM 3 



FIG. 6 


BNSOOCID- <G8 2331 381 A_L> 



'31 


C STARTS J 


STORES SUB-FILES IN A STORAGE 
MEDIUM IN UNITS OF BLOCKS (SUB- 
FILE STORAGE UNIT) 


S71 


CREATES AUTHENT I CATORS IN UNITS 
OF BLOCKS (AUTHENTICATION 
INFORMATION CREATION UNIT) 


S72 



MAKES A SET OF A FINALLY CREATED ; 

AUTHENT I CATOR AND A MAIN- \J 
FILE/SUB-FILE ID. AND STORES THE 
SET IN A SYSTEM FILE 
(SYSTEM FILE STORAGE UNIT) 


END 8 ) 


F I G. 


BNSDOCID. <G8 233138 1A_L> 


8/ 
/31 


COMPUTER 


XL 


_/14 


AUTHENTICATION 

INFORMATION 
CREATION UNIT 



MEDIUM 3 


L 


31 


SECURE 
AREA 


NON-SECURE 
AREA 


.§5 


33 


32 


BNSOOCID. <GB 233 1381 A _}_> 


FIG. 8 



^STARTS J 






S91 

STORES A MAIN-FILE IN A STORAGE 
MEDIUM IN UNITS OF BLOCKS 
(MAIN-FILE STORAGE UNIT) 



S92 

CREATES AUTHENTICATORS IN UNITS 
OF BLOCKS (AUTHENTICATION 
INFORMATION CREATION UNIT) 

^^Seall THE BLOCKS*OP^-^ 

. NO 


S93« 


.PROCESSED* 


YES 


MAKES A SET OF A FINALLY CREATED 

AUTHENT I CATOR AND A MAIN- 
FILE/SU8-FILE ID. AND STORES THE 
SET IN A SUB-FILE 
(SUB-FILE STORAGE UNIT) 


S94 


Q ENDS ^ 


F I G 


BNSOOCiD <G8 2331 381 A_l_> 


COMPUTER 


X 


136 


t 


> 


I 


m 

in 


3D 


138 


14 


AUTHENTICATION 

INFORMATION 
CREATION UNIT 
— 3K 


r 


4, 


rn 

s 


139 


134 

L/ 


g 

m 


MEDIUM 3 


SECURE 
AREA 


NON-SECURE 


I 


25 


AREA 


31 
3.4 


35 


22 


I rn^ 


32 


FIG. 10 


BNSOOCID <G8 2331381A_I_> 


. • 

I 


11, 


31 


Q STARTS ^ 


STORES A MAIN-FILE 
IN A STORAGE MEDIUM 
IN UNITS OF BLOCKS 
(MAIN-FILE STORAGE 
UNIT) 


S1 11 


CREATES 
AUTHENTICATORS IN 
UNITS OF BLOCKS 
(AUTHENTICATION 
INFORMATION CREATION 
UNIT) 


S112 



MAKES A SET OF A 
FINALLY CREATED 
AUTHENT I CATOR AND A 
MAIN-FILE/SUB-FILE ID 
AND STORES THE SET IN 
A SUB-FILE (SUB-FILE 
STORING/READING UNIT) 


S1 14 

V 


READS THE SUB-FILE 
FROM THE STORAGE 

MEDIUM IN UNITS OF 
BLOCKS (SUB-FILE 
STORING/READING 
UNIT) 


S115 


CREATES 
AUTHENTICATORS IN 
UNITS OF BLOCKS 
(AUTHENTICATION 
INFORMATION CREATION 
UNITS) 


S1 16 



MAKES A SET OF A 
FINALLY CREATED 
AUTHENT I CATOR AND A 
MAIN-FILE/SUB-FILE 
ID. AND STORES THE 
SET IN A SYSTEM FILE 
(SYSTEM FILE STORAGE 
UNIT) 

1 

Q ENDS 


S1 19 


FIG. 11 


BNSOOC1D: <G8 2331361A_I_> 


STORAGE UNIT 


COMPUTER 


21 


22 


RECIPROCAL 
AUTHENTICATION 
UNIT 

I 


ACCESS ALLOWING 
KEY GROUP 
STORAGE UNIT 


23 


ACCESS ALLOWING KEY 
IDENTIFICATION UNIT 


M EDIUM f 3 


kJL 


24 


SECURE AREA 
ACCESS UNIT 


SECURE 
AREA 


NON-SECURE 
AREA 33 


f 


JL 


RECIPROCAL 
AUTHENTICATION 
UNIT 


n 


13 


ACCESS ALLOWING 
KEY STORAGE 

UNIT 
X 


12 
V 


FILE ACCESS 
UNIT 


JL 


14 


AUTHENTICATION 

INFORMATION 
CREATION UNIT 


136 

V 


A 

138 


I 


h 

139 


31, 


in 


m 


34 


ft 


134 
L/ 


MEDIUM ID 
READING UNIT 
PT 


^36 


— o» 


35 


— o 


32 


FIG. 12 


BNSOOClD <G0 2331 361 A_l_> 


( STARTS ) 


READS A MEDIUM 10 
(MEDIUM 10 READING 
UNIT) 


STORES A MAIN-FILE 
IN A STORAGE MEDIUM 
IN UNITS OF BLOCKS 
(MAIN-FILE STORAGE 
UNIT) 


S130 


S131 


CREATES 
AUTHENTICATORS IN 
UNITS OF BLOCKS 
(AUTHENTICATION 
INFORMATION CREATION 
UNIT) 


SI 32 



MAKES A SET OF A 
FINALLY CREATED 
AUTHENTICATOR AND A 
MA I N-F I LE/SUB-f I LE ID 
AND STORES THE SET IN 
A SUB-FILE (SUB-FILE 
STORING/READING UNIT) 


S134 


READS THE SUB-FILE 
FROM THE STORAGE 

MEDIUM IN UNITS OF 
BLOCKS (SUB-FILE 
STORING/READING 
UNIT) 


S135 


CREATES S136 
AUTHENTICATORS IN 
UNITS OF BLOCKS 
(AUTHENTICATION 
INFORMATION CREATION 
UNIT) 



MAKES A SET OF A 
FINALLY CREATED 
AUTHENTICATOR AND A 
MA I N-F I LE/SUB-F I LE 
10. AND STORES THE 
SET IN A SYSTEM FILE 
(SYSTEM FILE STORAGE 
UNIT) 

Q ENDS ^ 


S139 


FIG. 13 


BNSOOOD: <G8 2331381A_J_> 


STORAGE UNIT 


COMPUTER 



FIG. 14 



STORAGE UNIT 


COMPUTER 


21 


22 


23 


RECIPROCAL 
AUTHENTICATION 
UNIT 


ACCESS ALLOWING 
KEY GROUP 
STORAGE UNIT 


ACCESS ALLOWING KEY 
IDENTIFICATION UNIT 


24 


SECURE AREA 
ACCESS UNIT 


SECURE 
AREA 


NON-SECURE /p 5 
AREA 33 " 


31, 


34 


Tt -< 
— <A 

r- —4 
rn m 


5 


RECIPROCAL 
AUTHENTICATION 
UNIT 


11 


13 


ACCESS ALLOWING 
KEY STORAGE 
UNIT 


12 


•14 


FILE ACCESS 
UNIT . 


AUTHENTICATION 

INFORMATION 

CREATION UNIT 
_ — 


136 


138 


1 


139 


134 


17 


MASTER 10 J 


32 


FIG. 15 


BNSDOCID". <G8 2331361A_I_> 


COMPUTER r\ 


tl* 

AUTHENTICATION 

INFORMATION 

CREATION UNIT 
_ 


139 


in 
•< 
on 


135 


o 


AUTHENTICATION 

INFORMATION 
■COMPARISON UNIT 


MEDIUM^* 



FIG. 16 


SNSOOCIO. <GB 2331361A_L> 


READS AUTHENTICATION INFORMATION 
FROM A SYSTEM FILE 
(SYSTEM FILE READING UNIT) 


S171 


READS SUB-FILES IN UNITS OF 
BLOCKS 
(SUB-FILE READING UNIT) 


I 


CREATES AUTHENTICATORS IN UNITS 
OF BLOCKS (AUTHENTICATION 
INFORMATION CREATION UNIT) 


SI 72 


S173 


"ARE ALL THE BLOCKS OF 
HE SUB-FILE PROCESSED*- 


No 


S174 


S175 


Yes 

ARE ALL SUB- 
FILES PROCESSEO? 

Yes 


No 


S176 


THE CREATED AND 
READ AUTHENTICATORS 
MATCHED? 

Yes 


No 


C 


ENDS WITH A SUCCESSFUL 
VERIFICATION 


) c 


ENDS WITH A FAILED 
VERIFICATION 


FIG. 17 



MEDIUM f 3 


SECURE 
AREA 


NON-SECURE 


AREA 


33 


31, 





g 

s 

i 

-n 


F 


m 


34 


COMPUTER 


•14 


AUTHENTICATION 
-*| INFORMATION 
CREATION UNIT 


137 
U 


32 


139 


AUTHENTICATION 

INFORMATION 
COMPARISON UNIT 


'41 


FIG. 18 


BNSDOC1D <GB 2331 381 A _J_^ 


19/ 


Q STARTS J 


READS AUTHENTICATION INFORMATION 
FROM SUB-FILES 
(SUB-FILE READING UNITS) 


S191 


READS A MAIN-FILE IN UNITS OF 
BLOCKS 
(MAIN-FILE READING UNIT) 


CREATES AUTHENT I CATORS IN UNITS 
OF BLOCKS (AUTHENTICATION 
INFORMATION CREATION UNIT) 



Yes 



ENDS WITH A SUCCESSFUL 
VERIFICATION 


S192 


S193 


No 


No 


c 


ENDS WITH A FAILED 
VERIFICATION 


FIG. 19 


BNSDOCIOr <GB 233138 1A_L> 



COMPUTER 


14 


AUTHENTICATION 

INFORMATION 
CREATION UNIT 


137 

1/ 


m 

>• 
o 


139 


135 

V 


MEDIUM 3 


L 


31 - 


AUTHENTICATION 

INFORMATION 
COMPARISON UNIT 


15 


SECURE 
AREA 


34 


35 


NON-SECURE 
AREA 33 


32 


FIG. 2 0 


BNSDOCID <G8 2331»1A_L> 


READS AUTHENTICATION 
INFORMATION FROM A 

SYSTEM FILE (SYSTEM 
FILE READING UNIT) 


S210 


READS SUB-f ILES IN 
UNITS OF BLOCKS 
(SUB-FILE READING 
UNIT) 


S211 



READS AUTHENTICATION 
INFORMATION FROM SUB- 
FILES 

(SUB-FILE READING UNIT) 


S216 


READS A MAIN-FILE IN 
UNITS OF BLOCKS 
(MAIN-FILE READING 
UNIT) 
I 


S217 


CREATES 
AUTHENTICATORS IN 
UNITS OF BLOCKS 
(AUTHENTICATION 
INFORMATION CREATION 
UNIT) 


S218 



No 


No 


C 


Yes 


ENDS WITH A SUCCESSFUL 
VERIFICATION 


9C 


ENDS WITH A FAILED 
VERIFICATION 


FIG. 2 1 


WSOOOD «GB 23313B1A_J_> 


% 


STORAGE UNIT 


21 


22 


23 


RECIPROCAL 
AUTHENTICATION 
UNIT 


ACCESS ALLOWING 
KEY GROUP 
STORAGE UNIT 
7 


ACCESS ALLOWING KEY 
IDENTIFICATION UNIT 


MEDIUM, 3 
1 ik 


SECURE 
AREA 


NON-SECURE fin g 
AREA 33 ~ ^ 


X 


24 


SECURE AREA 
ACCESS UNIT 


TT 


34 
TV 


35 


i m_ 


mi 


COMPUTER 


1L 


RECIPROCAL 
AUTHENTICATION 
UNIT 


11 

V 


13 


ACCESS ALLOWING^/ 
KEY STORAGE 
UNIT 
7 


12 


'14 


FILE ACCESS 
UNIT 


{36 

rrt 

— o 


137 

u 


32 


AUTHENTICATION 

INFORMATION 
CREATION UNIT h 
7 


139 

u 


135 


AUTHENTICATION 

INFORMATION 
COMPARISON UNIT 


MEDIUM ID 
READING UNIT 
7 


/4I 


15 


16 


FIG. 2 2 


BNSOOCt& <G8 2331381A_L» 



Q STARTS ^ 


READS A MEDIUM ID 
(MEDIUM ID READING 
UNIT) 


READS AUTHENTICATION 
INFORMATION FROM A 

SYSTEM FILE (SYSTEM 
FILE READING UNIT) 



READS AUTHENTICATION 
INFORMATION FROM SUB- 
FILES 

(SUB-FILE READING UNIT] 


S237 


READS A MAIN-FILE IN 
UNITS OF BLOCKS 
(MAIN-FILE READING 
UNIT) 


X 


S23B 


CREATES AUTHEHTICATORJ 
IN UNITS OF BLOCKS 

(AUTHENTICATION 
INFORMATION CREATION 
UNIT) 


S239 



Yes 


ENDS WITH A SUCCESSFUL 
VERIFICATION 


9C 


ENDS WITH A FAILED 
VERIFICATION 


3 


FIG. 2 3 


BNSOOClD: cGB 2331 361 A_l_> 


STORAGE UNIT 


21 


22 


23 


RECIPROCAL 
AUTHENTICATION 
UNIT 

I 


ACCESS ALLOWING 
KEY GROUP 
STORAGE UNIT 
* 


ACCESS ALLOWING KEY 
IDENTIFICATION UNIT 


1 


24 


SECURE AREA 
ACCESS UNIT 


MEDIUM 


A 


SECURE 
AREA 


NON-SECURE f 
AREA 33 


COMPUTER 


3T~ 


Tl -< 
— CO 


35 


RECIPROCAL 
AUTHENTICATION 
UNIT 


11 

y 


14 


13 


12 

ACCESS ALLOWING^ 
KEY STORAGE 
UNIT 


FILE ACCESS 
UNIT 


AUTHENTICATION 

INFORMATION 
CREATION UNIT 
* 


I J 


137 


A 

139 


135 


AUTHENTICATION 

INFORMATION 
COMPARISON UNIT 


| CARD 10 | — I 


32 


FIG. 2 4 


BNSOOCID <Ga_233136lA_L» 


STORAGE UNIT 


11 


21 


22 


23 


RECIPROCAL 
AUTHENTICATION 
UNIT 


ACCESS ALLOWING 
KEY GROUP 
STORAGE UNIT 


ACCESS ALLOWING KEY 
IDENTIFICATION UNIT 


MEDIUM ,3 

. 1 ik. 


SECURE 
AREA 


.24 


SECURE AREA 
ACCESS UNIT 


TT 


NON-SECURE 
AREA 


34 

M ■ 


COMPUTER 


RECIPROCAL 
AUTHENTICATION 
UNIT 


11 


13 


ACCESS ALLOWING^ 
KEY STORAGE 
UNIT 


12 


FILE ACCESS 
UNIT 


JL 


14 


AUTHENTICATION 

INFORMATION 
CREATION UNIT h 


41 



137 

CO 

IN-F 

; 

s 

1 

*n 

r* 
rn 


m 

s 


» 
rn 

i 



o 



i 

/ 

i 

— < 

139 

-H 





135 


AUTHENTICATION 

INFORMATION 
COMPARISON WIT 

^15 


i2J> 

| MASTER ID | 1 


32 


FIG. 2 5 


BNSOOCIO <G8 2331 361 A_J_» 


. ♦ 

V » s 



21 


22 


23 


STORAGE UNIT 


RECIPROCAL 
AUTHENTICATION 
UNIT 

I 


ACCESS ALLOWING 
KEY GROUP 
STORAGE UNIT 


ACCESS ALLOWING KEY 
IDENTIFICATION UNIT 


251; 


MEDIUM /3 


24 


SECURE AREA 
ACCESS UNIT 

24h 242; 


8 5 

m o 

m e 

S 


UJ 

cr < 

=3 UJ 


lis 

S = m 

1 


» m 

— ° ** 


3 
i 

in 

m Q 

i 


38 


,31 


34 


If 


§2 

? 5 33-|£ fl 


_ > 


HI 


COMPUTER 


XL 


13- 


RECIPROCAL 
AUTHENTICATION 
UNIT 

I 


ACCESS ALLOWING 
KEY STORAGE UNIT 


i 


ii 


12 


FILE ACCESS UNIT 


32 


FIG. 2 6 


BNSOOCtD <GB 233138lA_L> 


- i - 
v • * 


27/ 
/31 


^ STARTS ) 




SETS ACCESS CONTROL 
INFORMATION 



READS THE ACCESS 
CONTROL INFORMATION 



ACCESSES A SECTOR GROUP 




S271 


S272 


S273 


^ ENDS ) 


FIG. 2 7 


BNSOOCID: <G8 2331361A_L» 


STORAGE UNIT 


21 


22 


RECIPROCAL 
AUTHENTICATION 
UNIT 


ACCESS ALLOWING 
KEY GROUP 
STORAGE UNIT 


23 


ACCESS ALLOWING KEY 
IDENTIFICATION UNIT 


251 1 


MEDIUM 3 


1 


•24 


SECURE AREA 
ACCESS UNIT 

24 h 


* o ^, 

??s 
Is" 

V 


242) 


Si 


38 


31, 


34 


o < 

UJ LU 


33 


/ 


T" 


. rn 


COMPUTER 


13 


RECIPROCAL 
AUTHENTICATION 
UNIT 

i 


ACCESS ALLOWING 
KEY STORAGE UNIT 


I 


11 


12 


FILE ACCESS UNIT 


'131 


fi32 


II 


MA I N-F I LE/SUB-F I LE 
ACCESS UNIT 


MAIN-fllE/SUB-FlU 

- SECTOR GROUP 
CORRESPONDENCE TABLE 


133 


32 


FIG. 2 8 


BNSDOCID <G8 2331381 A_L> 


% 


c 


STARTS 


CONVERTS TO A SECTOR 
LIST 


SETS ACCESS CONTROL 
INFORMATION 


CONVERTS TO A SECTOR 
GROUP 


READS THE ACCESS 
CONTROL INFORMATION 


S291 


S292 


S293 


S294 


ENDS ) 


FIG. 2 9 


BNSOOCID: <G8 233138 tA_L» 


% 


STORAGE UNIT 


COMPUTER 


RECIPROCAL 
AUTHENTICATION 
UNIT 


22 


23 


ACCESS ALLOWING 
KEY GROUP 
STORAGE UNIT 
* 


ACCESS ALLOWING KEY 
IDENTIFICATION UNIT 


r24 


SECURE AREA 
ACCESS UNIT 


MEDIUM 3, 


SECURE 
AREA 


NON-SECURE U £ 
AREA 3/ 


34 

if 

1 1 , — * 


XL 


RECIPROCAL 
AUTHENTICATION 
UNIT 


11 


13 


ACCESS ALLOWING 1-^ 
KEY STORAGE 
UNIT 


12 


14 


FILE ACCESS 
UNIT 


AUTHENTICATION 
INFORMATION 
r^j CREATION UNIT 


X 

> 

z 

> 

2 

z 

1 

1 

~n 

F 

m 

r- 
rn 

CA 

33 

rORAGE 

•AOING 

§ 

§ 

136 

137 


s 


— < 
o 

m 

I 

138 


S 


3 
3 

i 
i 

139 


0* 
o 

f 
134 


135 


#36 


-fl -c 


35 


= B 


AUTHENTICATION 

INFORMATION 
COffARISON UNIT 


■EDIUI 10 

READING UNIT 


MASTER 10 

'l . 


i CARO ID 



32 


FIG. 3 0 


BK500CIO: <G8 2331 361 A _J_> 


BUS 


311 


1 


CPU 


312 


MEMORY 


313 


INPUT 
UNIT 


314 


1 


OUTPUT 
UNIT 


315 


EXTERNAL 
STORAGE UNIT 


316 


MEDIUM 
ORIVING UNIT 


317 


NETWORK 
CONNECTING 
UNIT 


✓ 319 

PORTABLE 
STORAGE 
MEDIUM 


FIG. 3 1 


BNSOOCID: <G8 2331381A _J_> 


This Page is Inserted by IFW Indexing and Scanning 
Operations and is not part of the Official Record 


Defective images within this document are accurate representations of the original 
documents submitted by the applicant. 

Defects in the images include but are not limited to the items checked: 


U BLACK BORDERS 

□ IMAGE CUT OFF AT TOP, BOTTOM OR SIDES 

□ FADED TEXT OR DRAWING 

□ BLURRED OR ILLEGIBLE TEXT OR DRAWING 

□ SKEWED/SLANTED IMAGES 

□ COLOR OR BLACK AND WHITE PHOTOGRAPHS 

□ GRAY SCALE DOCUMENTS 

□ LINES OR MARKS ON ORIGINAL DOCUMENT 

□ REFERENCE(S) OR EXHIBIT(S) SUBMITTED ARE POOR QUALITY 

□ OTHER: 

IMAGES ARE BEST AVAILABLE COPY. 
As rescanning these documents will not correct the image 
problems checked, please do not report these problems to 
the IFW Image Problem Mailbox. 


BEST AVAILABLE IMAGES 



